r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9024
Expires: Mon, 30 Jan 2023 18:21:24 GMT
Date: Mon, 30 Jan 2023 15:51:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4370
Expires: Mon, 30 Jan 2023 17:03:50 GMT
Date: Mon, 30 Jan 2023 15:51:00 GMT
Connection: keep-alive
ca-psost-trackpost.info/
149.28.209.72 200 OK 675 B IP 149.28.209.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 55aa5f2da838a7acabe0480b3d2dd70b
a5c61d1ed551de4eb758ec07a923e86f694669ae
43f33a9d22001c55f41df723c891d845f2a3e9663f4b40ea494c13443c62f556
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET / HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:00 GMT
Content-Type: text/html
Last-Modified: Fri, 25 Nov 2022 20:50:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63812a99-46a"
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 15:35:44 GMT
content-type: application/json
age: 916
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3493
Expires: Mon, 30 Jan 2023 16:49:13 GMT
Date: Mon, 30 Jan 2023 15:51:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eo3TVcMnFtP+Yr2o6Q2AJJOW4LxnZD6ysaAIY21Bi3895x7rULOtqXwV8zZIPuqaAGhBhodrFncvO7Ggay/LwQ==
x-amz-request-id: ZYFQQE0919E7FYZ9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 15:50:47 GMT
age: 13
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 15:51:00 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ca-psost-trackpost.info/config/urlConfig.json
149.28.209.72 200 OK 866 B URL HTTP/1.1 ca-psost-trackpost.info/config/urlConfig.json
IP 149.28.209.72:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 7a6b3d75b3937638fc6e90d0265bd67e
8f057c6fec92865f9de2963b6db2d955204876a7
a7e3b70758a98e9f6b14b6789e225f6a45eea862a1342ff256d35dc2e4b46243
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /config/urlConfig.json HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:00 GMT
Content-Type: application/json
Content-Length: 866
Last-Modified: Fri, 27 Jan 2023 17:49:49 GMT
Connection: keep-alive
ETag: "63d40ebd-362"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/js/axios.js
149.28.209.72 200 OK 13 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/axios.js
IP 149.28.209.72:0
Hash 7d3300678434578e76a4cda306a8793d
284997dc01edabb76d995e8549d51be4eafd97d8
e44023ec5b4670d9e61b61b46f137c95b8aea4aee23cc5625cfd1e11ca7f2d32
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/axios.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:00 GMT
Content-Type: application/javascript
Last-Modified: Sat, 10 Nov 2018 04:07:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5be65996-a6f0"
Expires: Tue, 31 Jan 2023 03:51:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/jquery-ui.js
149.28.209.72 200 OK 624 B URL HTTP/1.1 ca-psost-trackpost.info/static/js/jquery-ui.js
IP 149.28.209.72:0
File type ASCII text, with very long lines (1004), with CRLF, LF line terminators
Hash 50d1d3e6a19d119fc8e5a55063210b49
0d310757b4881c17ac27e59c10034eb38b9941a3
1c34ca4c862f42398d5751e763b9b2d87a8173bd2c6d94ef54d1e24bbfda0e1e
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/jquery-ui.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:00 GMT
Content-Type: application/javascript
Last-Modified: Thu, 03 Nov 2022 22:07:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63643ba0-5c7"
Expires: Tue, 31 Jan 2023 03:51:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/redConfig.js
149.28.209.72 200 OK 4.7 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/redConfig.js
IP 149.28.209.72:0
File type ASCII text, with very long lines (6264), with CRLF, LF line terminators
Hash 0bafbe6dbf7e3bc5d07af0e38f2c9548
0cf070d3d65ea078140bfa10a0b9a4295a50e37b
cad78ccb6b303604dac04de50d92b629b567627b5093bcf18d94306aa3f46ac8
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/redConfig.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:00 GMT
Content-Type: application/javascript
Last-Modified: Fri, 06 Jan 2023 16:49:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63b85136-2d25"
Expires: Tue, 31 Jan 2023 03:51:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 15:41:41 GMT
age: 559
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ca-psost-trackpost.info/static/image/loading-icon-transparent-background-12.jpg
149.28.209.72 200 OK 82 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/loading-icon-transparent-background-12.jpg
IP 149.28.209.72:0
File type GIF image data, version 89a, 630 x 637\012- data
Hash 9e0373c2b4410c49439dfd822c5fd16e
427f86c03751b7e107fd282bbe32be18fc2e0898
05eb745176d79ec27d52d544582483fc4d0f6378c7ed2060be24dfc4e8990668
Analyzer Verdict Alert openphish Canada Post
GET /static/image/loading-icon-transparent-background-12.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:00 GMT
Content-Type: image/jpeg
Content-Length: 81572
Last-Modified: Sat, 08 Oct 2022 12:01:27 GMT
Connection: keep-alive
ETag: "63416697-13ea4"
Expires: Wed, 01 Mar 2023 15:51:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3138
Expires: Mon, 30 Jan 2023 16:43:18 GMT
Date: Mon, 30 Jan 2023 15:51:00 GMT
Connection: keep-alive
push.services.mozilla.com/
54.201.77.8 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.201.77.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 31XmepBJS0K9HYjJJTdQNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HZ8ROt0KEo638w5YVcGoQ7UgM6Y=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3a1fd286f6f850efb2c7fda0512cec43
286a39d6979c6544c897db374578bfdd8de83375
bead635d11d168b5c2c48d917bf5dede31b480d6ddec2ef585126f1bb713ef9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEAD635D11D168B5C2C48D917BF5DEDE31B480D6DDEC2EF585126F1BB713EF9F"
Last-Modified: Mon, 30 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21536
Expires: Mon, 30 Jan 2023 21:49:57 GMT
Date: Mon, 30 Jan 2023 15:51:01 GMT
Connection: keep-alive
ziqicvv145.top/click/queryIp
149.28.206.39 200 OK 12 B URL HTTP/2 ziqicvv145.top/click/queryIp
IP 149.28.206.39:0
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
Analyzer Verdict Alert quad9 Sinkholed
GET /click/queryIp HTTP/1.1
Host: ziqicvv145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://ca-psost-trackpost.info
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 15:51:01 GMT
content-type: text/plain;charset=UTF-8
content-length: 12
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
X-Firefox-Spdy: h2
ca-psost-trackpost.info/favicon.ico
149.28.209.72 404 Not Found 146 B URL HTTP/1.1 ca-psost-trackpost.info/favicon.ico
IP 149.28.209.72:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /favicon.ico HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 30 Jan 2023 15:51:01 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 15:51:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 64733
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 64674
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 64541
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 68685
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 64585
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 64224
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ziqicvv145.top/websocket/123
149.28.206.39 101 0 B URL HTTP/1.1 ziqicvv145.top/websocket/123
IP 149.28.206.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
quad9 Sinkholed
GET /websocket/123 HTTP/1.1
Host: ziqicvv145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://ca-psost-trackpost.info
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lO3g5PLC7Tcso3rYlnqDQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101
Server: nginx
Date: Mon, 30 Jan 2023 15:51:02 GMT
Connection: upgrade
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: *
Upgrade: websocket
Sec-WebSocket-Accept: mbFGm0xA/IjL7zxH+wG/VHx986o=
Sec-WebSocket-Extensions: permessage-deflate
ca-psost-trackpost.info/static/css/foundation-config.css
149.28.209.72 200 OK 27 B URL HTTP/1.1 ca-psost-trackpost.info/static/css/foundation-config.css
IP 149.28.209.72:0
File type ASCII text, with no line terminators
Hash 235e981df1f4eedaa0589ffda58717d6
d7e9f36ce7e793910b1cb8b3df49c60cd162a4f9
6ab579f7452650aa72688543ccc21851e03c767a3f04669321da4476e4f50ba0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /static/css/foundation-config.css HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:03 GMT
Content-Type: text/css
Content-Length: 27
Last-Modified: Fri, 07 Oct 2022 03:49:13 GMT
Connection: keep-alive
ETag: "633fa1b9-1b"
Expires: Tue, 31 Jan 2023 03:51:03 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/1c7f9426f7af/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
2.18.172.233 200 OK 29 kB URL HTTP/2 assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/1c7f9426f7af/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32768)
Hash beaf841b85c6a0cea46a5faf24a23c54
dabd8d0257ecc070e7e8544f166c130f736e1612
e90f34e6c4463463d9c68bf0280045cc60f80520d06952d12a4f2995c92ee654
GET /0ccf8b9a711f/6e634e5f652e/1c7f9426f7af/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "eb5315909d9d5f494122df5708d196df:1664809790.809023"
last-modified: Mon, 03 Oct 2022 15:09:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 30 Jan 2023 16:51:03 GMT
date: Mon, 30 Jan 2023 15:51:03 GMT
content-length: 28612
access-control-allow-origin: http://ca-psost-trackpost.info
timing-allow-origin: *
X-Firefox-Spdy: h2
ca-psost-trackpost.info/static/css/normalize.css
149.28.209.72 200 OK 938 B URL HTTP/1.1 ca-psost-trackpost.info/static/css/normalize.css
IP 149.28.209.72:0
File type ASCII text, with very long lines (2011)
Hash 80166666091c7169edc8d019c99ef67a
c0ad2934841466c77fb9850c35c4a64a45c04989
3237e2c4c116522dc47769b94a5ed0ad4b4d2e53db3958c24b93cc33f60e5541
Analyzer Verdict Alert openphish Canada Post
GET /static/css/normalize.css HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:03 GMT
Content-Type: text/css
Last-Modified: Fri, 07 Oct 2022 03:49:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633fa1b9-7dc"
Expires: Tue, 31 Jan 2023 03:51:03 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 15:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 15:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 15:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 15:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-10937558046&l=dataLayer&cx=c
142.250.74.72 200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10937558046&l=dataLayer&cx=c
IP 142.250.74.72:0
File type ASCII text, with very long lines (2919)
Hash 18c4b7104e0b925271165f07f005570a
aed8d90ebe340ded8c4fc781a4017fa8df1a988b
613d2cd074330162698213220cbb1eed811d92e86b34586e2430f5992046d02f
GET /gtag/js?id=AW-10937558046&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 15:51:04 GMT
expires: Mon, 30 Jan 2023 15:51:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64753
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-1011747518&l=dataLayer&cx=c
142.250.74.72 200 OK 51 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1011747518&l=dataLayer&cx=c
IP 142.250.74.72:0
File type ASCII text, with very long lines (1759)
Hash 3c3500b5bae60b8ef658b76ebf53b809
6a61d1abc18146332529a68210060521ff0a72bf
c4761a323320d70d0e72c126d26048707ff6f9be65c3ee6b33ef705d1f919396
GET /gtag/js?id=AW-1011747518&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 15:51:04 GMT
expires: Mon, 30 Jan 2023 15:51:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50789
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-12182971&l=dataLayer&cx=c
142.250.74.72 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-12182971&l=dataLayer&cx=c
IP 142.250.74.72:0
File type ASCII text, with very long lines (1759)
Hash a08657557d7f37f973de2986e6aec00a
e6859850f56cdcac4afd4cc257f93daf021c4917
ba83ef4a7a9f6034b14e799c6273e4ff5f9ac02ebdc814f3a6307ddec9514eeb
GET /gtag/js?id=DC-12182971&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 15:51:04 GMT
expires: Mon, 30 Jan 2023 15:51:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ziqicvv145.top/click/queryIp
149.28.206.39 200 OK 12 B URL HTTP/2 ziqicvv145.top/click/queryIp
IP 149.28.206.39:0
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
Analyzer Verdict Alert quad9 Sinkholed
GET /click/queryIp HTTP/1.1
Host: ziqicvv145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://ca-psost-trackpost.info
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 15:51:03 GMT
content-type: text/plain;charset=UTF-8
content-length: 12
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9852050
142.250.74.72 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050
IP 142.250.74.72:0
File type ASCII text, with very long lines (1759)
Hash 08b4498a10dd4bdc4f3998978ee83e3e
6f3cf4aade14c9a3abb93529f11e24a153db50dc
b7b2303fe78e8585a15163c7c74ce74493fc72bcf5f7b50920ab008ae12179ac
GET /gtag/js?id=DC-9852050 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 15:51:04 GMT
expires: Mon, 30 Jan 2023 15:51:04 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ca-psost-trackpost.info/static/js/modernizr.js
149.28.209.72 200 OK 5.4 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/modernizr.js
IP 149.28.209.72:0
File type Unicode text, UTF-8 text, with very long lines (12268)
Hash 620e2f0279217361ec79634f33397d86
eb0dbb2295d69f67c1325119c35364e7e793051c
822949963d69bf2d1b80a5531106dd24abcddbd8d72244c9825ff8c6921350c5
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/modernizr.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Sat, 08 Oct 2022 05:40:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63410d32-30f0"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/css/foundation.css
149.28.209.72 200 OK 16 kB URL HTTP/1.1 ca-psost-trackpost.info/static/css/foundation.css
IP 149.28.209.72:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2b4f736edb02a2d3225e9f1e1988de05
caa30eeed59aa2761ea9782842692e1b5c0bda6f
5dc5f968411573f18898eb8997ccb5f7f50664ba7857c3852f8b9601eb34018b
Analyzer Verdict Alert openphish Canada Post
GET /static/css/foundation.css HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:03 GMT
Content-Type: text/css
Last-Modified: Fri, 07 Oct 2022 03:49:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633fa1b9-18d9e"
Expires: Tue, 31 Jan 2023 03:51:03 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/css/stylesheet.css
149.28.209.72 200 OK 37 kB URL HTTP/1.1 ca-psost-trackpost.info/static/css/stylesheet.css
IP 149.28.209.72:0
File type Unicode text, UTF-8 text, with very long lines (559)
Hash 41895382996f7c83fff3c6d3749ca434
be55e1b902e2fba2f024ddc35f159371b2d6dcba
48fcd77a5c38ea687a5b8ffd26115eca6d58fad68edee4831c9d2f7f608e2bb7
Analyzer Verdict Alert openphish Canada Post
GET /static/css/stylesheet.css HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:03 GMT
Content-Type: text/css
Last-Modified: Sat, 08 Oct 2022 04:38:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6340feab-29454"
Expires: Tue, 31 Jan 2023 03:51:03 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/jquery.cookie.js
149.28.209.72 200 OK 782 B URL HTTP/1.1 ca-psost-trackpost.info/static/js/jquery.cookie.js
IP 149.28.209.72:0
File type ASCII text, with very long lines (1261)
Hash 65b13ef019045d6557c573c88f28f082
9081639d408336fdccc3c798113009feed186ec6
be6290f5e43d722a1c850ae31c00e4637ceefe0a6f83a95f8de160aa612616cb
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/jquery.cookie.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Fri, 07 Oct 2022 03:49:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633fa1bb-584"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/css/cpc-main%20(2).css
149.28.209.72 200 OK 76 kB URL HTTP/1.1 ca-psost-trackpost.info/static/css/cpc-main%20(2).css
IP 149.28.209.72:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4199bd631d6a2e24a91baa2a98ca1bdd
842216334b3fa9b47eda1e7d1c2f2ac597d37186
dfbac2762b1f30446a765e44b9826e1e55fb7b8162a939ddbd711eb1dc5acbae
Analyzer Verdict Alert openphish Canada Post
GET /static/css/cpc-main%20(2).css HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:03 GMT
Content-Type: text/css
Last-Modified: Sat, 08 Oct 2022 04:37:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6340fea5-7398a"
Expires: Tue, 31 Jan 2023 03:51:03 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/foundation.min.js
149.28.209.72 200 OK 30 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/foundation.min.js
IP 149.28.209.72:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32024)
Hash cdb7f25d78b94883e8cd25c46e1b1cbf
81bfaa4b802b02d6e1b39760b73248099fe2626d
0022b08861e2122f664d6065329206b92773f9840d924fe725d0556b34790c21
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/foundation.min.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Fri, 07 Oct 2022 03:49:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633fa1bb-190a5"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/jquery.js
149.28.209.72 200 OK 42 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/jquery.js
IP 149.28.209.72:0
File type ASCII text, with very long lines (65451)
Hash 7100e477b7ab4f7731b2903c6ccd2271
c985b08b149c0b8ceda5d598837d169fee5eaa94
670c9861fa579d28035a80d3224c9aedc66debf6f937434c15ea3fc5fbed4920
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/jquery.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Fri, 07 Oct 2022 03:49:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633fa1bb-1b16c"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 15:51:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106 200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
Hash 9ec16d8cd2daee697e8dcd8e6cfc7ee5
841e200ebadb842538724bf2e61105b4d80cc556
0690f43793f7b23da2bc4d2198e4ca2395642c05aa171301cf19157604afbc95
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 15:51:04 GMT
date: Mon, 30 Jan 2023 15:51:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ca-psost-trackpost.info/static/css/cpc-main.css
149.28.209.72 200 OK 76 kB URL HTTP/1.1 ca-psost-trackpost.info/static/css/cpc-main.css
IP 149.28.209.72:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 631b46ba49ec324cd1a6127a7873e53f
429cc46345279731d694e4231789defd2d0baa62
b1293daba9d908a481c6b200679809b82d014e91079333a4ca4276ab63b8ab5a
Analyzer Verdict Alert openphish Canada Post
GET /static/css/cpc-main.css HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: text/css
Last-Modified: Fri, 07 Oct 2022 03:49:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633fa1bb-72162"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/lottie.min.js
149.28.209.72 200 OK 74 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/lottie.min.js
IP 149.28.209.72:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 56f4bae8e7b7031e05ea602a02bd589e
46234044c562309c63c2652728596525404c0afa
ac851207fe3cd69cea005f1edd82e98458155cf085ddb0969d5227622bb4fa79
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/lottie.min.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Sat, 08 Oct 2022 05:40:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63410d60-3d0a4"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/vueConfig.js
149.28.209.72 200 OK 2.5 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/vueConfig.js
IP 149.28.209.72:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 51978329db5881b315ba96345fde6fee
be0f2be4ac6d8328e2670b3f3f044f9e2d543a86
a5a31304e60bc1aefbba641085ef9f7fd316f369e9db8c06aabace0a94a56db3
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious JS code
openphish Canada Post
fortinet Phishing
GET /static/js/vueConfig.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Wed, 30 Nov 2022 21:37:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6387cd2b-1ee3"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
149.28.209.72 200 OK 170 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
IP 149.28.209.72:0
File type ASCII text, with very long lines (32768)
Size 170 kB (170099 bytes)
Hash a6dd2b9055ecaec8955c790d07276b27
837962debab34c8f2921efd69340a7c758ae97dd
fabc061344746e382061f1dd723bca58998d7d69905af1f29fa93b6bbad767f0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Sat, 08 Oct 2022 05:40:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63410d47-9ebd6"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/vue.js
149.28.209.72 200 OK 106 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/vue.js
IP 149.28.209.72:0
Size 106 kB (106238 bytes)
Hash d4ce685cbfa2a0de0dd3ee71988a8ace
9b4b763ca91208270f22e697299131367d1412b3
84289d8b7aff01fdc412e73113bde839f969527db14bcf687b587528d14e3dca
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/vue.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Thu, 13 May 2021 06:21:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"609cc560-53883"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/css/css2.css
149.28.209.72 200 OK 1.0 kB URL HTTP/1.1 ca-psost-trackpost.info/static/css/css2.css
IP 149.28.209.72:0
Hash a836d30e1cf3d619c024f2a0e5d6e708
62f2df3d6520e8dd35252b67f4320391ea6fb3bf
fc7f7623c6268f573bc706a9754c7fa69f50639f9d93c0f5ee97530c7bbd3ccd
Analyzer Verdict Alert openphish Canada Post
GET /static/css/css2.css HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: text/css
Last-Modified: Fri, 07 Oct 2022 03:49:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633fa1b9-4cb7"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/jquery-ui.min.js
149.28.209.72 200 OK 80 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/jquery-ui.min.js
IP 149.28.209.72:0
File type Unicode text, UTF-8 text, with very long lines (64399)
Hash 75251ba3c765c6d2cb2f5a2f152f5bd9
27c646fd9b1a852f73763fc336aa79039997fd10
9e7341b19d91f9a418f50188d882c1849891fee9f7f0dbe913bdf03103cfc00b
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/jquery-ui.min.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Sat, 08 Oct 2022 04:38:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6340fea9-3e46c"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/jfe.f416ea91ef499f820360.js
149.28.209.72 200 OK 78 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/jfe.f416ea91ef499f820360.js
IP 149.28.209.72:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash d7ad130dcd087cb1659c4e67ad14b8aa
2753009cd3bca3eb5f3e8cb981e95056e066f2b2
52df7146e42423415006a6d28955b11e0aa991457c88f20885489fbc6ce3bfb7
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/jfe.f416ea91ef499f820360.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Sat, 08 Oct 2022 04:38:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6340feab-40015"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/1.7b453d1ffcbf890fcba8.chunk.js
149.28.209.72 200 OK 372 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/1.7b453d1ffcbf890fcba8.chunk.js
IP 149.28.209.72:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 372 kB (371739 bytes)
Hash 3c3f21845d4acb5482e31fcb3f9e79ec
ed0afd4b655c4d3e98319de8521ee937995b4552
1ae8d28b3ae2985a810e9011c369f7e596699c5bc27f7cc053d43ee68d0716de
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/1.7b453d1ffcbf890fcba8.chunk.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Sat, 08 Oct 2022 04:37:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6340fea7-251750"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ca-psost-trackpost.info/static/js/cpc.bundle.js
149.28.209.72 200 OK 371 kB URL HTTP/1.1 ca-psost-trackpost.info/static/js/cpc.bundle.js
IP 149.28.209.72:0
File type Unicode text, UTF-8 text, with very long lines (320), with CRLF line terminators
Size 371 kB (370810 bytes)
Hash fac6530aed83b8221635ebdcf568354d
2f23813c3842ac9a84650caa061cae48cf5561aa
58b8e4d533f2c5d04c15e009889366461867e21717d92c79135a34ce23835699
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/js/cpc.bundle.js HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:04 GMT
Content-Type: application/javascript
Last-Modified: Sat, 08 Oct 2022 06:22:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6341171b-183d8c"
Expires: Tue, 31 Jan 2023 03:51:04 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
104.88.13.190 200 OK 218 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash d3a621feba2c9afadc8e74c4f71021e1
5364a043f80e5dcbc81b81e86d406eedfc1b69a4
9616a4bbe31bf59f3ec6fd4a9f237bfb89d3424a45238b625b7f1620377d5401
GET /cpc/assets/cpc/img/icons/search.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a621-140"
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 08:27:21 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 218
Date: Mon, 30 Jan 2023 15:51:05 GMT
Connection: keep-alive
Vary: Accept-Encoding
ca-psost-trackpost.info/static/picture/shop-category-block-coins.svg
149.28.209.72 200 OK 978 B URL HTTP/1.1 ca-psost-trackpost.info/static/picture/shop-category-block-coins.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (978), with no line terminators
Hash 28597a7a91ead0b1bfbac7e30b0f5659
b97593f0388a94ce9c46825d39ffcd043e12c35e
04013b0bbd7ae5f1c38ca17e50c6ea4374368918243076980230fe2d98fe8fe6
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/picture/shop-category-block-coins.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:05 GMT
Content-Type: image/svg+xml
Content-Length: 978
Last-Modified: Fri, 07 Oct 2022 03:47:09 GMT
Connection: keep-alive
ETag: "633fa13d-3d2"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/picture/shop-category-block-envelopes.svg
149.28.209.72 200 OK 883 B URL HTTP/1.1 ca-psost-trackpost.info/static/picture/shop-category-block-envelopes.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (883), with no line terminators
Hash f7b9ce15a21e30755c429ffbf72092d0
819702fc30803b0f8ce5a86c65693859eb2114a8
bee384181e8ffc1765701d86552bf38bb6f0228aa9fcd4354462efe692a14bf4
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/picture/shop-category-block-envelopes.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:05 GMT
Content-Type: image/svg+xml
Content-Length: 883
Last-Modified: Fri, 07 Oct 2022 03:47:09 GMT
Connection: keep-alive
ETag: "633fa13d-373"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/picture/shop-category-block-whats-new.svg
149.28.209.72 200 OK 1.8 kB URL HTTP/1.1 ca-psost-trackpost.info/static/picture/shop-category-block-whats-new.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1803), with no line terminators
Hash b6b00bc8678cc26a702070e52ad96bdc
e8e126cb83332459cf9777eda1df9dc7f085c2a6
2111a37a157ff9231eed7f260dd37bbbe9620d4ede3ebd4ddc0cd3238bdfc926
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/picture/shop-category-block-whats-new.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:05 GMT
Content-Type: image/svg+xml
Content-Length: 1803
Last-Modified: Fri, 07 Oct 2022 03:47:09 GMT
Connection: keep-alive
ETag: "633fa13d-70b"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/picture/shop-category-block-collectors.svg
149.28.209.72 200 OK 1.7 kB URL HTTP/1.1 ca-psost-trackpost.info/static/picture/shop-category-block-collectors.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1719), with no line terminators
Hash 5bdd6a99939b87fb646920444332d0cf
3e53938f9e44e2372d3f224b96c5f0253fdb8173
875e98981f653123e3cec0ae315378c3e280fd085e8ab66f452b14db3154b7b2
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/picture/shop-category-block-collectors.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:05 GMT
Content-Type: image/svg+xml
Content-Length: 1719
Last-Modified: Fri, 07 Oct 2022 03:47:09 GMT
Connection: keep-alive
ETag: "633fa13d-6b7"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/picture/shop-category-block-stamps.svg
149.28.209.72 200 OK 3.8 kB URL HTTP/1.1 ca-psost-trackpost.info/static/picture/shop-category-block-stamps.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (3764), with no line terminators
Hash b59d048724c83a84e6b70bc78bce6f85
7c5a50d95e5eb97a63429aac22e375f38279e227
cdd40b8aecbe584983f804e210686028723295c5759c43b8fe98d5d041a79175
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/picture/shop-category-block-stamps.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:05 GMT
Content-Type: image/svg+xml
Content-Length: 3764
Last-Modified: Fri, 07 Oct 2022 03:47:09 GMT
Connection: keep-alive
ETag: "633fa13d-eb4"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-logo.svg
104.88.13.190 200 OK 596 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-logo.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 35e0327b728d928883474512393beb8e
656ecb91567dbb32d230ee7f71f7b456d8ac8bcf
308fe8cfe51bc024628469a45302dba968554bfb6ce201c8b801084d03a909d6
GET /cpc/assets/cpc/img/logos/cpc-logo.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "61264d50-3aa"
Last-Modified: Wed, 25 Aug 2021 14:01:52 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 25 Jul 2022 18:35:15 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 596
Date: Mon, 30 Jan 2023 15:51:06 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg
104.88.13.190 200 OK 4.0 kB URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/cpc-main-logo.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (730)
Hash 2e0020e9411f9d2999f092af7ff3b670
c0bf90c645d6e9c70d3bd5205ac14c31fac2f48d
4e9d7a76d49638fcf5ad9a0cfa66ba0016a88289de64ba001d2185ab9d6bb06e
GET /cpc/assets/cpc/img/logos/cpc-main-logo.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "591a0e84-3037"
Last-Modified: Mon, 15 May 2017 20:24:36 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 25 Jul 2022 13:24:35 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 3967
Date: Mon, 30 Jan 2023 15:51:06 GMT
Connection: keep-alive
Vary: Accept-Encoding
ca-psost-trackpost.info/static/image/close-flyout-icon.svg
149.28.209.72 200 OK 1.5 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/close-flyout-icon.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (891)
Hash ceaa99d3f29c0cd210fbdf61b3435b53
e5748710c5c6af4375495e3af5da262eaf13271a
3b32ecbf286ae6d8c12c252927c9c171f45889613030eb0e7eb0bf661089b91c
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/close-flyout-icon.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 1482
Last-Modified: Sat, 08 Oct 2022 04:38:01 GMT
Connection: keep-alive
ETag: "6340fea9-5ca"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/Close_blue.svg
149.28.209.72 200 OK 708 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/Close_blue.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 400d0f83ea0c8493076fc1bd68d55731
c12c87a179cd1fa14bdb7d8cf143c5cf4d49e517
3cea71796f7a5d132fb97811a66e8a3e70a9b7bae01294367dc3923b792ab528
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/Close_blue.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 708
Last-Modified: Sat, 08 Oct 2022 04:38:01 GMT
Connection: keep-alive
ETag: "6340fea9-2c4"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/Print.svg
149.28.209.72 200 OK 511 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/Print.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (511), with no line terminators
Hash 59594d02cb93f106f3fa53f2aa364b62
7e9ad85afb475d59629dadb80012a555080d6b3b
50537f4b4a252e311cdc7e25fb9f73e478a028f4e9aaec84136547a3e7067d9e
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/Print.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 511
Last-Modified: Sat, 08 Oct 2022 04:38:01 GMT
Connection: keep-alive
ETag: "6340fea9-1ff"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg
104.88.13.190 200 OK 5.4 kB URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2441)
Hash ed4c001a38b9e079830758efbf9a0ced
bc4158764d06af7321d77a931dc453f108889ef0
3c2f6ed4f5727f5b86d9582177d6f67959ca9c541bf9003c0fd851fb0c782360
GET /cpc/assets/cpc/img/logos/gov-canada-logo.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5935cc58-37b3"
Last-Modified: Mon, 05 Jun 2017 21:25:44 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 25 Jul 2022 18:35:17 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 5388
Date: Mon, 30 Jan 2023 15:51:06 GMT
Connection: keep-alive
Vary: Accept-Encoding
ca-psost-trackpost.info/static/image/cpc_logo_bw-en.jpg
149.28.209.72 200 OK 3.1 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/cpc_logo_bw-en.jpg
IP 149.28.209.72:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 161x38, components 3\012- data
Hash f1b73d030eef5e9c2b3aae63da1a2435
f2dcbaed286966d12a752b6c68cbd074bf22a49d
8778541b024cec5dcf0f32e316595d7e30654b7018971fc1cc60da2cd26e9fd0
Analyzer Verdict Alert openphish Canada Post
GET /static/image/cpc_logo_bw-en.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/jpeg
Content-Length: 3119
Last-Modified: Sat, 08 Oct 2022 04:38:01 GMT
Connection: keep-alive
ETag: "6340fea9-c2f"
Expires: Wed, 01 Mar 2023 15:51:06 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/%E5%9C%86%E5%BD%A2%E6%89%93%E5%8F%89.png
149.28.209.72 200 OK 8.0 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/%E5%9C%86%E5%BD%A2%E6%89%93%E5%8F%89.png
IP 149.28.209.72:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 2543ef723fe7dd2e4ce0c4d14957a72f
fc964b1d0528a8d2208594a12cd70a154f2817b4
715d0f83bd1c2bb1ca69eba72dc36ac7565d0051e5edba5d93ecc6b3cd3b0938
Analyzer Verdict Alert openphish Canada Post
GET /static/image/%E5%9C%86%E5%BD%A2%E6%89%93%E5%8F%89.png HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/png
Content-Length: 7964
Last-Modified: Sat, 08 Oct 2022 14:43:34 GMT
Connection: keep-alive
ETag: "63418c96-1f1c"
Expires: Wed, 01 Mar 2023 15:51:06 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 81552288bbf68d56287235714f4ff5ab
ce6ce06b1e15f76ef30296a54e2b4520f5d861a8
8a39a876a49e880f31cb2c92563213de594b823302fbf945a737fd7787a19dd6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5638
Cache-Control: max-age=143393
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 15:51:06 GMT
Etag: "63d75e85-1d7"
Expires: Wed, 01 Feb 2023 07:40:59 GMT
Last-Modified: Mon, 30 Jan 2023 06:07:01 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1675093878695
52.213.167.16 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1675093878695
IP 52.213.167.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1675093878695 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://ca-psost-trackpost.info
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ca-psost-trackpost.info
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-06601d6e7.edge-irl1.demdex.com 1 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1675093878695
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=22593485903356419041919252840180650956; Max-Age=15552000; Expires=Sat, 29 Jul 2023 15:51:06 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: N3VlBEt9S/w=
Content-Length: 0
Connection: keep-alive
ca-psost-trackpost.info/static/image/Plus.svg
149.28.209.72 200 OK 625 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/Plus.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cf306c53d124dd8b0f173f1d7a6d8814
b1d7e24006bb3bb43862ff92f6e528ed7337fe4a
eb53bd4dea7062e9a7eb7b5cc56576ac7d773142684850caa93c6f4ae2104a40
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/Plus.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 625
Last-Modified: Sat, 08 Oct 2022 04:38:01 GMT
Connection: keep-alive
ETag: "6340fea9-271"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/close_grey.svg
149.28.209.72 200 OK 603 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/close_grey.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 228dc68149f7ddab9538072399fb18be
5e1f78ff530db5de8747937cc2e62e8df7ec252d
8754aadb1e4a2ae34539fa890aef276dcce219c3a22de8f6fa5c7a89e7edc523
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/close_grey.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 603
Last-Modified: Sat, 08 Oct 2022 04:38:01 GMT
Connection: keep-alive
ETag: "6340fea9-25b"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/Received_by_canada_post_Grey.svg
149.28.209.72 200 OK 860 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/Received_by_canada_post_Grey.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (860), with no line terminators
Hash 13c507080c11b20becc09f28c65bca0a
17cd4852529c504634750c896f587cb5363379f3
3c568826d3e3d38ef5f552a8076054e17558571c496d0251d1394d92873ec6d8
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/Received_by_canada_post_Grey.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 860
Last-Modified: Sat, 08 Oct 2022 04:38:01 GMT
Connection: keep-alive
ETag: "6340fea9-35c"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/picture/cpc-mobile-en.png
149.28.209.72 200 OK 135 kB URL HTTP/1.1 ca-psost-trackpost.info/static/picture/cpc-mobile-en.png
IP 149.28.209.72:0
File type PNG image data, 1132 x 1757, 8-bit colormap, non-interlaced\012- data
Size 135 kB (135308 bytes)
Hash cc7a0c5fe4f373d17dbac9ec522f823e
361aa3d44c9fd47df9bfd3075784e56ed0a296dc
9176bc77a8611ebbe903a9ac0385c27cc8219bd2586b81e7cdce4a3d44d4cb64
Analyzer Verdict Alert openphish Canada Post
GET /static/picture/cpc-mobile-en.png HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:05 GMT
Content-Type: image/png
Content-Length: 135308
Last-Modified: Fri, 07 Oct 2022 03:47:10 GMT
Connection: keep-alive
ETag: "633fa13e-2108c"
Expires: Wed, 01 Mar 2023 15:51:05 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/search.svg
149.28.209.72 200 OK 320 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/search.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash 251094ec25cfdd8a820ffd758d2a281a
fa37e27aae09872b1b719eeec3313b09e711453e
3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /static/image/search.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 320
Last-Modified: Sat, 08 Oct 2022 04:38:00 GMT
Connection: keep-alive
ETag: "6340fea8-140"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/track-reperage/assets/images/page-actions/Share.svg
149.28.209.72 404 Not Found 146 B URL HTTP/1.1 ca-psost-trackpost.info/track-reperage/assets/images/page-actions/Share.svg
IP 149.28.209.72:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /track-reperage/assets/images/page-actions/Share.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ca-psost-trackpost.info/track-reperage/assets/images/page-actions/Print.svg
149.28.209.72 404 Not Found 146 B URL HTTP/1.1 ca-psost-trackpost.info/track-reperage/assets/images/page-actions/Print.svg
IP 149.28.209.72:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /track-reperage/assets/images/page-actions/Print.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ca-psost-trackpost.info/track-reperage/assets/images/track2.0/common/track-icon-desktop.svg
149.28.209.72 404 Not Found 146 B URL HTTP/1.1 ca-psost-trackpost.info/track-reperage/assets/images/track2.0/common/track-icon-desktop.svg
IP 149.28.209.72:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /track-reperage/assets/images/track2.0/common/track-icon-desktop.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ca-psost-trackpost.info/static/image/brand-chevron-red.svg
149.28.209.72 200 OK 1.1 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/brand-chevron-red.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 39a3ade5f7505af85a38dccfea0d5b19
6d93041b5bf569d8cfbc3473aac6cc7b0c40af7d
991f5c8bc42c5dee505acf9c3143a2c2ee48aa9555cdc11bd573e9f3cd48444e
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/brand-chevron-red.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 1104
Last-Modified: Fri, 07 Oct 2022 03:48:47 GMT
Connection: keep-alive
ETag: "633fa19f-450"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/font/KFOmCnqEu92Fr1Mu4mxK.woff2
149.28.209.72 200 OK 16 kB URL HTTP/1.1 ca-psost-trackpost.info/static/font/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 149.28.209.72:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /static/font/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/css2.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: font/woff2
Content-Length: 15744
Last-Modified: Fri, 07 Oct 2022 03:49:11 GMT
Connection: keep-alive
ETag: "633fa1b7-3d80"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ziqicvv145.top/click/addClick?ip=91.90.42.154
149.28.206.39 200 OK 0 B URL HTTP/2 ziqicvv145.top/click/addClick?ip=91.90.42.154
IP 149.28.206.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
quad9 Sinkholed
OPTIONS /click/addClick?ip=91.90.42.154 HTTP/1.1
Host: ziqicvv145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ip,sink,sinks
Referer: http://ca-psost-trackpost.info/
Origin: http://ca-psost-trackpost.info
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 15:51:06 GMT
content-type: text/plain;charset=utf-8
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: *
X-Firefox-Spdy: h2
ca-psost-trackpost.info/static/font/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
149.28.209.72 200 OK 16 kB URL HTTP/1.1 ca-psost-trackpost.info/static/font/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 149.28.209.72:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /static/font/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/css2.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: font/woff2
Content-Length: 15860
Last-Modified: Fri, 07 Oct 2022 03:49:12 GMT
Connection: keep-alive
ETag: "633fa1b8-3df4"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/111.png
149.28.209.72 200 OK 68 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/111.png
IP 149.28.209.72:0
File type PNG image data, 1170 x 504, 8-bit/color RGB, non-interlaced\012- data
Hash e6e0980ecb75f16bfa5d2b28aa67d9ce
aa0903896a7b9984fcdddada738469dc242dca93
bf3ab92e138d570b33b6eddf3bb7cdb72fc5931b65e1b8c4e04624ccf4e5ff59
Analyzer Verdict Alert openphish Canada Post
GET /static/image/111.png HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/png
Content-Length: 68279
Last-Modified: Sat, 15 Oct 2022 11:06:21 GMT
Connection: keep-alive
ETag: "634a942d-10ab7"
Expires: Wed, 01 Mar 2023 15:51:06 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/find-postal-code.svg
149.28.209.72 200 OK 1.1 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/find-postal-code.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1147), with no line terminators
Hash c7c0adc5000742135f3458d603012282
cc1b266806a457b99a486d52ac2b06df193b01da
6b27644cfd8f56e0e8d2a572c5dfafd4ee830bea895d8ca74b1db6eec6039604
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/find-postal-code.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 1147
Last-Modified: Fri, 07 Oct 2022 03:48:47 GMT
Connection: keep-alive
ETag: "633fa19f-47b"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/font/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
149.28.209.72 200 OK 16 kB URL HTTP/1.1 ca-psost-trackpost.info/static/font/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 149.28.209.72:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /static/font/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/css2.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: font/woff2
Content-Length: 15740
Last-Modified: Fri, 07 Oct 2022 03:49:11 GMT
Connection: keep-alive
ETag: "633fa1b7-3d7c"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/font/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
149.28.209.72 200 OK 16 kB URL HTTP/1.1 ca-psost-trackpost.info/static/font/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 149.28.209.72:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/font/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/css2.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: font/woff2
Content-Length: 15920
Last-Modified: Fri, 07 Oct 2022 03:49:12 GMT
Connection: keep-alive
ETag: "633fa1b8-3e30"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/find-rate.svg
149.28.209.72 200 OK 1.1 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/find-rate.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1135), with no line terminators
Hash 577bdfdf841bb1c10c7ab0c479ed9859
3dee137ee84971d2b1deecf9a76d0aaf8656f75a
552497213e931bd4aa121cd449e905fa2f8502513dc7c286f8c1af92e3d0e6fa
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/find-rate.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: image/svg+xml
Content-Length: 1135
Last-Modified: Fri, 07 Oct 2022 03:48:48 GMT
Connection: keep-alive
ETag: "633fa1a0-46f"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1675093878695
52.213.167.16 200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1675093878695
IP 52.213.167.16:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1675093878695 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ca-psost-trackpost.info
Content-Type: application/x-www-form-urlencoded
Referer: http://ca-psost-trackpost.info/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ca-psost-trackpost.info
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0d492e21d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: g6TV9QnqT9g=
Content-Length: 124
Connection: keep-alive
ca-psost-trackpost.info/static/font/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
149.28.209.72 200 OK 18 kB URL HTTP/1.1 ca-psost-trackpost.info/static/font/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
IP 149.28.209.72:0
File type Web Open Font Format (Version 2), TrueType, length 17508, version 1.0\012- data
Hash 7fbdfaab6bd8b191496ffe1ef1b9e748
e9e592f8498d489d8000f3a4cfb1bb447f251edd
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/font/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2 HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/css2.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:06 GMT
Content-Type: font/woff2
Content-Length: 17508
Last-Modified: Fri, 07 Oct 2022 03:49:09 GMT
Connection: keep-alive
ETag: "633fa1b5-4464"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/find-post-office.svg
149.28.209.72 200 OK 1.1 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/find-post-office.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1140), with no line terminators
Hash c2fa7516c9abc5a9ab0affa7c8148a63
df137bbd8260c50a49ce3726696be932b7860679
66071c6705a89c7ff973ad106f61ae55f8081923b51689520c453e1aebb8e7d3
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/find-post-office.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 1140
Last-Modified: Fri, 07 Oct 2022 03:48:47 GMT
Connection: keep-alive
ETag: "633fa19f-474"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/mail-forwarding.svg
149.28.209.72 200 OK 803 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/mail-forwarding.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (803), with no line terminators
Hash 6c51c8a192d556f649ffc8b14cf7f1f9
626a445445bf5be1f4c12d8c7916dc9cd8930cb8
11db2b0607f4e4d55117df626221e2e23c77e35cc57b534e977a1d05dc7e69f5
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/mail-forwarding.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 803
Last-Modified: Fri, 07 Oct 2022 03:48:48 GMT
Connection: keep-alive
ETag: "633fa1a0-323"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/epost.svg
149.28.209.72 200 OK 587 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/epost.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (587), with no line terminators
Hash 11cb8eaf9a92df06b1bc4f6347100d04
609d2a9d4df4c36adac58c364dd1a5779a617201
f0e23afc228f2fc756c46aaaae1f441ee03b419897e200c53e539da3fe7c93fe
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/epost.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 587
Last-Modified: Fri, 07 Oct 2022 03:48:48 GMT
Connection: keep-alive
ETag: "633fa1a0-24b"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/scrolling-indicator.svg
149.28.209.72 200 OK 220 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/scrolling-indicator.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 7464b8174a305a3aa0ad8317538caf1d
fdf15e429bfd22c5f6138d3a1bb7260e111e2fa6
e8d84700f1ed0ab8f2ef90183686c59f2eea8b1008a78dc1d7ae078895332beb
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/scrolling-indicator.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 220
Last-Modified: Fri, 07 Oct 2022 03:48:48 GMT
Connection: keep-alive
ETag: "633fa1a0-dc"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/brand-chevron-white.svg
149.28.209.72 200 OK 1.2 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/brand-chevron-white.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (333), with CRLF line terminators
Hash fb356da8afbad48f50b17fdabbc8ceb0
e797b0583d992aabe46a9261d7be679cd8122822
8c0a7e53af884b81aedfeb0b535e847dbdfbb0199967d9f78a03ec620bd8e92f
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/brand-chevron-white.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 1168
Last-Modified: Fri, 07 Oct 2022 03:49:04 GMT
Connection: keep-alive
ETag: "633fa1b0-490"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/brand-chevron-grey.svg
149.28.209.72 200 OK 1.3 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/brand-chevron-grey.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (309)
Hash 6d7569fea8f4259321b42daf0c5f0670
64b65a15cbc889f251eb77da80b5c901d388291f
8d5590bca2e8b963428a4e8c7e6d051f6cfff34fa7a73c8a772d6c9a0af81d71
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/brand-chevron-grey.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 1260
Last-Modified: Fri, 07 Oct 2022 03:49:04 GMT
Connection: keep-alive
ETag: "633fa1b0-4ec"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8c2aa612a0efe481a1865a8c2780c74a
eada21de6357992dab228cfd37504c0b823883a1
6701f0842dfe02df1aaba87973ccaee9397f90e6f65058bfa67616415e9ef62b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 158
Cache-Control: max-age=141154
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 15:51:07 GMT
Etag: "63d76b2f-1d7"
Expires: Wed, 01 Feb 2023 07:03:41 GMT
Last-Modified: Mon, 30 Jan 2023 07:01:03 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 471
ca-psost-trackpost.info/static/image/chevron_mobile_right-blue.svg
149.28.209.72 200 OK 222 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/chevron_mobile_right-blue.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 0feff4f3ba9552a19e1cdcad8a2a45d1
3c3f92fd946e068c8b105643404e5ca7468ba8c6
decb01d424c855f55ee43eda45c3785e23472dfc507f0d060c598489b7040fd1
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/chevron_mobile_right-blue.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 222
Last-Modified: Fri, 07 Oct 2022 03:48:43 GMT
Connection: keep-alive
ETag: "633fa19b-de"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
sslstats.canadapost.ca/id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1675093879809
13.37.25.97 200 OK 48 B URL HTTP/2 sslstats.canadapost.ca/id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1675093879809
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f14365269f598500e6f55f8037758335
03262cc4373081984e28e09e858462c3b9fbe732
55fbc9c4d2f5ead0583a8d51fbe23a77c040ae17dbcc5e941123706e9f2b8a50
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1675093879809 HTTP/1.1
Host: sslstats.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://ca-psost-trackpost.info
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://ca-psost-trackpost.info
access-control-allow-credentials: true
date: Mon, 30 Jan 2023 15:51:07 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=0%7CMCMID%7C78556272190061460143186853407448392106; Path=/; Domain=canadapost.ca; Max-Age=63072000; Expires=Wed, 29 Jan 2025 15:51:51 GMT;
s_ecid=MCMID%7C78556272190061460143186853407448392106; Path=/; Domain=canadapost.ca; Max-Age=63072000; Expires=Wed, 29 Jan 2025 15:51:51 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ca-psost-trackpost.info/static/image/shop-category-block-chevron.svg
149.28.209.72 200 OK 2.9 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/shop-category-block-chevron.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (488)
Hash 6bda13bc88f619c9eb20733baa13ff1e
7b640d2d73f21265fc55809e7ebd3cae58116e02
5f9056158496f81761fb1e62051f485b9974826c79ff3305a5d3122745002943
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/shop-category-block-chevron.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 2872
Last-Modified: Fri, 07 Oct 2022 03:48:43 GMT
Connection: keep-alive
ETag: "633fa19b-b38"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=78556272190061460143186853407448392106&ts=1675093880064
52.213.167.16 200 OK 308 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=78556272190061460143186853407448392106&ts=1675093880064
IP 52.213.167.16:0
File type JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Hash bf0bc7056efae8144e79917105bde645
a20db692df173b3877c9eced0197e15898fc59be
c58799cf69c4dae35034242a75f3c1bac6fa440a4f31055f66713c8b3b5ef8a1
GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=78556272190061460143186853407448392106&ts=1675093880064 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://ca-psost-trackpost.info
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://ca-psost-trackpost.info
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0a637d725.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=78577308428195401613184455666019831989; Max-Age=15552000; Expires=Sat, 29 Jul 2023 15:51:07 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: GmCDA7HRTKI=
Content-Length: 308
Connection: keep-alive
ca-psost-trackpost.info/static/image/chevron_large_left.svg
149.28.209.72 200 OK 265 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/chevron_large_left.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 54eb1c92830c423deb57876b83b636f7
e24fae66504fc670c3a46d431ecfe4df39d03041
cbacedf66149d8492b3f3cd6fdff06eb907684a5ca57ea56b8900699c6ae30c4
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/chevron_large_left.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/svg+xml
Content-Length: 265
Last-Modified: Fri, 07 Oct 2022 03:48:43 GMT
Connection: keep-alive
ETag: "633fa19b-109"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/ctype-banner-personal.jpg
149.28.209.72 200 OK 142 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/ctype-banner-personal.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x832, components 3\012- data
Size 142 kB (141461 bytes)
Hash 6dc4c4886a7a35d66d28018f779f1fa5
1bf4c6b0f50c5944646b97c9b6870ecdf98af059
3452a6d6792bde10208b5479c5fb3a38cfff05a90b0f4fc7601d8dde011b7a7c
Analyzer Verdict Alert openphish Canada Post
GET /static/image/ctype-banner-personal.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 141461
Last-Modified: Fri, 07 Oct 2022 03:48:48 GMT
Connection: keep-alive
ETag: "633fa1a0-22895"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
canadapost.demdex.net/dest5.html?d_nsid=0
34.241.134.251 200 OK 2.8 kB URL HTTP/1.1 canadapost.demdex.net/dest5.html?d_nsid=0
IP 34.241.134.251:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: canadapost.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 30 Jan 2023 15:51:07 GMT
DCS: dcs-prod-irl1-2-v045-07bcfe959.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 9 Nov 2022 04:23:32 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: uUFQ+584THQ=
Content-Length: 2791
Connection: keep-alive
stats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCXS/s11320044913381?AQB=1&ndh=1&pf=1&t=30%2F0%2F2023%2015%3A51%3A20%201%200&mid=78556272190061460143186853407448392106&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20common%20%3E%20Mailing%20and%20shipping%20for%20Personal%20and%20Business&g=http%3A%2F%2Fca-psost-trackpost.info%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=common&server=ca-psost-trackpost.info&events=event96%3D16&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=common&c3=D%3DpageName&v3=D%3DpageName&c8=ca-psost-trackpost.info&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=ca-psost-trackpost.info&v24=ca-psost-trackpost.info&v30=D%3Dv122&c34=10%3A30&v34=10%3A30&c35=Monday&v35=Monday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=http%3A%2F%2Fca-psost-trackpost.info%2F&c72=16&v85=Monday%202023-1-30&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
15.236.125.10 200 OK 43 B URL HTTP/1.1 stats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCXS/s11320044913381?AQB=1&ndh=1&pf=1&t=30%2F0%2F2023%2015%3A51%3A20%201%200&mid=78556272190061460143186853407448392106&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20common%20%3E%20Mailing%20and%20shipping%20for%20Personal%20and%20Business&g=http%3A%2F%2Fca-psost-trackpost.info%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=common&server=ca-psost-trackpost.info&events=event96%3D16&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=common&c3=D%3DpageName&v3=D%3DpageName&c8=ca-psost-trackpost.info&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=ca-psost-trackpost.info&v24=ca-psost-trackpost.info&v30=D%3Dv122&c34=10%3A30&v34=10%3A30&c35=Monday&v35=Monday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=http%3A%2F%2Fca-psost-trackpost.info%2F&c72=16&v85=Monday%202023-1-30&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
IP 15.236.125.10:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/canadapostcapool/1/JS-2.5.0-LCXS/s11320044913381?AQB=1&ndh=1&pf=1&t=30%2F0%2F2023%2015%3A51%3A20%201%200&mid=78556272190061460143186853407448392106&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20common%20%3E%20Mailing%20and%20shipping%20for%20Personal%20and%20Business&g=http%3A%2F%2Fca-psost-trackpost.info%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=common&server=ca-psost-trackpost.info&events=event96%3D16&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=common&c3=D%3DpageName&v3=D%3DpageName&c8=ca-psost-trackpost.info&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=ca-psost-trackpost.info&v24=ca-psost-trackpost.info&v30=D%3Dv122&c34=10%3A30&v34=10%3A30&c35=Monday&v35=Monday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=http%3A%2F%2Fca-psost-trackpost.info%2F&c72=16&v85=Monday%202023-1-30&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1 HTTP/1.1
Host: stats.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Mon, 30 Jan 2023 15:51:07 GMT
expires: Sun, 29 Jan 2023 15:51:07 GMT
last-modified: Tue, 31 Jan 2023 15:51:07 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3597236688787210240-4619789653769032529
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ca-psost-trackpost.info/static/image/20678_VTP_blogcard_1152x840_E.jpg
149.28.209.72 200 OK 39 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/20678_VTP_blogcard_1152x840_E.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1152x840, components 3\012- data
Hash 1eda59ee803043e4c7c33f3290018bb4
79d131a16b79892e480d8c6021205aafe045017b
eaa3cb262a8c2beb7aa0bd6bc976bff155b43fbf1fde64da0e7869deef8f84f1
Analyzer Verdict Alert openphish Canada Post
GET /static/image/20678_VTP_blogcard_1152x840_E.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 39443
Last-Modified: Fri, 07 Oct 2022 03:48:33 GMT
Connection: keep-alive
ETag: "633fa191-9a13"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/ctype-banner-business.jpg
149.28.209.72 200 OK 143 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/ctype-banner-business.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x832, components 3\012- data
Size 143 kB (143133 bytes)
Hash d05f5e1c3b85076a254f1f79887d035c
b96d67dff914c0e477975f1fe3c2eb4ae9f56cc7
3e0da076e9e23b8ddf77b30ebe128b9ae0a78f41c037cbc431722237df176e06
Analyzer Verdict Alert openphish Canada Post
GET /static/image/ctype-banner-business.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 143133
Last-Modified: Fri, 07 Oct 2022 03:48:49 GMT
Connection: keep-alive
ETag: "633fa1a1-22f1d"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/CCODWO4859_Shop_Block_Banner_Desktop.jpg
149.28.209.72 200 OK 65 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/CCODWO4859_Shop_Block_Banner_Desktop.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3400x600, components 3\012- data
Hash 9f165a6bd92e568a1a8fd23b78883181
7dd2ef22b2c5ab8a3b8233145d43c424a5cf447a
6ed3fb4f8c21d6499ddac033d90cd91d1fecca33f2e6715de10cf64d34b9db0b
Analyzer Verdict Alert openphish Canada Post
GET /static/image/CCODWO4859_Shop_Block_Banner_Desktop.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 65251
Last-Modified: Fri, 07 Oct 2022 03:48:32 GMT
Connection: keep-alive
ETag: "633fa190-fee3"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/20633_IL_3stamps_blogcard_1152x840.ENG.jpg
149.28.209.72 200 OK 602 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/20633_IL_3stamps_blogcard_1152x840.ENG.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1152x840, components 3\012- data
Size 602 kB (602121 bytes)
Hash 99c7f558a862173112ccc6ae23750446
d97f74cfc063a28f81d79abad9d2a697617deb4e
93a978882a57417dc53317722055c3609dcdd48b6e4ff1b415645624f6f76726
Analyzer Verdict Alert openphish Canada Post
GET /static/image/20633_IL_3stamps_blogcard_1152x840.ENG.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 602121
Last-Modified: Fri, 07 Oct 2022 03:48:32 GMT
Connection: keep-alive
ETag: "633fa190-93009"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/Whales_blogcard_1152x840_ENG.jpg
149.28.209.72 200 OK 122 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/Whales_blogcard_1152x840_ENG.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1152x840, components 3\012- data
Size 122 kB (121534 bytes)
Hash f6401d2a97ec5e6fb7952fb79b312050
cc5d0d5071262a77708f6afeff650fd4c8f8e0b3
7c5e471e24ec1703ab3fdf71e9fadce3239a8e82870b2ae17b0f1845b628f37a
Analyzer Verdict Alert openphish Canada Post
GET /static/image/Whales_blogcard_1152x840_ENG.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 121534
Last-Modified: Fri, 07 Oct 2022 03:48:32 GMT
Connection: keep-alive
ETag: "633fa190-1dabe"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/2018-02-20-create-winning-returns-strategy-business.jpg
149.28.209.72 200 OK 25 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/2018-02-20-create-winning-returns-strategy-business.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 708x518, components 3\012- data
Hash ee1ff17fd83f162bc7ffd21affaea7cf
bd3352130a0947249eef296d9f0dfe0018e995f5
bd0ed537b09f8896109dfc84de653fe01bf8d8f5e4989501cb071be676a8bf23
Analyzer Verdict Alert openphish Canada Post
GET /static/image/2018-02-20-create-winning-returns-strategy-business.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/jpeg
Content-Length: 25051
Last-Modified: Fri, 07 Oct 2022 03:48:37 GMT
Connection: keep-alive
ETag: "633fa195-61db"
Expires: Wed, 01 Mar 2023 15:51:08 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/ccodwo302_blog_card-2020_V2.jpg
149.28.209.72 200 OK 295 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/ccodwo302_blog_card-2020_V2.jpg
IP 149.28.209.72:0
File type JPEG image data, baseline, precision 8, 1152x840, components 3\012- data
Size 295 kB (294914 bytes)
Hash 0f8c4cfc467bf672a310e65ba56be8a3
0c605e6ce4470b6c82bd497c566f88cab3ed959b
9a2ab0fcac64f95be7247d318dd72494051d8281bdcb8ff1fb50b4a38e7feea6
Analyzer Verdict Alert openphish Canada Post
GET /static/image/ccodwo302_blog_card-2020_V2.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 294914
Last-Modified: Fri, 07 Oct 2022 03:48:36 GMT
Connection: keep-alive
ETag: "633fa194-48002"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/asahi_blog_card_1152x840.jpg
149.28.209.72 200 OK 204 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/asahi_blog_card_1152x840.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1152x840, components 3\012- data
Size 204 kB (203849 bytes)
Hash 1f15453a49310aa000671e782891e32a
33b5867d03003e7b1ed1b48e8d427f62f3aeecc6
59314e94721dcbc7eab85bb3959b3489a9cb986120dfac721633db8b584050bc
Analyzer Verdict Alert openphish Canada Post
GET /static/image/asahi_blog_card_1152x840.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/jpeg
Content-Length: 203849
Last-Modified: Fri, 07 Oct 2022 03:48:37 GMT
Connection: keep-alive
ETag: "633fa195-31c49"
Expires: Wed, 01 Mar 2023 15:51:08 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/19273_history_of_radio_banner.jpg
149.28.209.72 200 OK 160 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/19273_history_of_radio_banner.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1152x840, components 3\012- data
Size 160 kB (160133 bytes)
Hash f11ba9708813ff3b0be1de05858200e1
75940d93502eb608a08b38356713250fd36adda8
dec6d59326f0c986c6628a2cf15fc0beae78f981192eb018c51e681c26a73e91
Analyzer Verdict Alert openphish Canada Post
GET /static/image/19273_history_of_radio_banner.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 160133
Last-Modified: Fri, 07 Oct 2022 03:48:34 GMT
Connection: keep-alive
ETag: "633fa192-27185"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/chevron_large_right.svg
149.28.209.72 200 OK 263 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/chevron_large_right.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 46108b47a2f27002cf7512a513c679e8
8472f35ea6052cfd4ee6762cbeef523c14c95832
50d9b72d7f9ea052b9d947d585d3581a7ac4758f5e46810c50a6b19006b2bbd7
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/chevron_large_right.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/svg+xml
Content-Length: 263
Last-Modified: Fri, 07 Oct 2022 03:48:43 GMT
Connection: keep-alive
ETag: "633fa19b-107"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/mobile-content-device-chevron-1.svg
149.28.209.72 200 OK 1.4 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/mobile-content-device-chevron-1.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (319)
Hash d28a232a460dd4129f5f6987c058c886
c085bd53ac1998d5768d61e1037c573bb26e2f5c
f65535d538536aa156965977b379a72c5a31d469539a5ca82af5bf877dae6383
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/mobile-content-device-chevron-1.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/svg+xml
Content-Length: 1377
Last-Modified: Fri, 07 Oct 2022 03:49:00 GMT
Connection: keep-alive
ETag: "633fa1ac-561"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/2018-03-06-summer-holidays-mailing-data-driven-direct-mail.jpg
149.28.209.72 200 OK 51 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/2018-03-06-summer-holidays-mailing-data-driven-direct-mail.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 708x518, components 3\012- data
Hash fc0debec58ed03d71494cd356eb70abc
e649d7668915958b8b8b4877313e5a8a979ebc45
82716b4a233781a463fe3cf76cab03bcc56ec957c9daf4e6afa8778767d1eae5
Analyzer Verdict Alert openphish Canada Post
GET /static/image/2018-03-06-summer-holidays-mailing-data-driven-direct-mail.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/jpeg
Content-Length: 51116
Last-Modified: Fri, 07 Oct 2022 03:48:37 GMT
Connection: keep-alive
ETag: "633fa195-c7ac"
Expires: Wed, 01 Mar 2023 15:51:08 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/maud-Lewis-blog_card.jpg
149.28.209.72 200 OK 496 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/maud-Lewis-blog_card.jpg
IP 149.28.209.72:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1152x840, components 3\012- data
Size 496 kB (495849 bytes)
Hash 1168191ff6e97c1527a51ba3b7b13486
65a82362d88982bafbef94086cce7eaa38b55fca
e00267b62410cde5cdd33b472ef01188dfcec85a1fc2744030e92e697b0201f1
Analyzer Verdict Alert openphish Canada Post
GET /static/image/maud-Lewis-blog_card.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 495849
Last-Modified: Fri, 07 Oct 2022 03:48:35 GMT
Connection: keep-alive
ETag: "633fa193-790e9"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/mobile-content-device-chevron-2.svg
149.28.209.72 200 OK 3.9 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/mobile-content-device-chevron-2.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 59633d1fee92e69467866b13cf435ff1
5d886a02645503cf3d7aa047b4f4f17279e679b5
2de9ae294418088f50754ee0fbcc1025d0c389b30336f48a288e661deafbc927
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/mobile-content-device-chevron-2.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/svg+xml
Content-Length: 3852
Last-Modified: Fri, 07 Oct 2022 03:48:45 GMT
Connection: keep-alive
ETag: "633fa19d-f0c"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/google-play-badge-EN.svg
149.28.209.72 200 OK 4.9 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/google-play-badge-EN.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4936), with no line terminators
Hash 378ad419517a38625405ab180ccd9e74
7215097149c6629a26715ad85984ce24d78deb76
7e92c917be0e270b89fb7b54cc6ffdedf545068e9a524e7d9ea395dad8a7fc64
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/google-play-badge-EN.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/svg+xml
Content-Length: 4936
Last-Modified: Fri, 07 Oct 2022 03:48:46 GMT
Connection: keep-alive
ETag: "633fa19e-1348"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/apple-store-badge-EN.svg
149.28.209.72 200 OK 7.4 kB URL HTTP/1.1 ca-psost-trackpost.info/static/image/apple-store-badge-EN.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7420), with no line terminators
Hash db33f06302f2e759f2374f1d00ff6bc0
d690feddf13bc8ebebde3d137a4c2aa4ad1697d5
9f30ad135b3579a3187827694269a9c24075e51e4671992cadfe74e8ebc4a436
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /static/image/apple-store-badge-EN.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/svg+xml
Content-Length: 7420
Last-Modified: Fri, 07 Oct 2022 03:48:45 GMT
Connection: keep-alive
ETag: "633fa19d-1cfc"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ca-psost-trackpost.info/static/image/feedback.svg
149.28.209.72 200 OK 724 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/feedback.svg
IP 149.28.209.72:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Hash a56b96fb3ea0b8699b84605f3a502963
7b4a96e43604b02571eeed372aa4febf6ae8d756
acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /static/image/feedback.svg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/static/css/cpc-main.css
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:08 GMT
Content-Type: image/svg+xml
Content-Length: 724
Last-Modified: Fri, 07 Oct 2022 03:48:48 GMT
Connection: keep-alive
ETag: "633fa1a0-2d4"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ziqicvv145.top/click/addClick?ip=91.90.42.154
149.28.206.39 200 OK 0 B URL HTTP/2 ziqicvv145.top/click/addClick?ip=91.90.42.154
IP 149.28.206.39:0
Analyzer Verdict Alert quad9 Sinkholed
GET /click/addClick?ip=91.90.42.154 HTTP/1.1
Host: ziqicvv145.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sink: CPC2
sinks: 2
ip: 91.90.42.154
Origin: http://ca-psost-trackpost.info
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 15:51:07 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: MISS
X-Firefox-Spdy: h2
ca-psost-trackpost.info/static/image/dog-bite_blog_card_1152x840v2.jpg
149.28.209.72 200 OK 0 B URL HTTP/1.1 ca-psost-trackpost.info/static/image/dog-bite_blog_card_1152x840v2.jpg
IP 149.28.209.72:0
Analyzer Verdict Alert openphish Canada Post
GET /static/image/dog-bite_blog_card_1152x840v2.jpg HTTP/1.1
Host: ca-psost-trackpost.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ca-psost-trackpost.info/
Cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19388%7CvVersion%7C5.2.0; _gcl_au=1.1.2031797809.1675093879; s_vnc7=1675698678754%26vn%3D1; s_ivc=true; s_gpv_url=http%3A%2F%2Fca-psost-trackpost.info%2F
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 15:51:07 GMT
Content-Type: image/jpeg
Content-Length: 243414
Last-Modified: Fri, 07 Oct 2022 03:48:36 GMT
Connection: keep-alive
ETag: "633fa194-3b6d6"
Expires: Wed, 01 Mar 2023 15:51:07 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes