Overview

URL world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay
IP 63.250.43.133
ASN NAMECHEAP-NET
Location United States
Report completed 2022-09-24 04:25:25 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-24 2 world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay Phishing
2022-09-24 2 world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/ Phishing
2022-09-24 2 world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/index (...) Phishing
2022-09-24 2 world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/lib/j (...) Phishing
2022-09-24 2 world-wide-packaging-bbecfc.ingress-erytho.ewp.live/shop/mc/assets/images/a (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (23)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS world-wide-packaging-bbecfc.ingress-erytho.ewp.live (125) 0 2022-09-24 03:35:03 UTC 2022-09-24 03:35:03 UTC 63.250.43.132 Unknown ranking
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-23 04:33:34 UTC 157.240.200.35
mnemonic passive DNS store.canadapost-postescanada.ca (1) 0 2021-09-01 19:27:08 UTC 2022-09-14 19:35:01 UTC 23.36.79.8 Domain (canadapost-postescanada.ca) ranked at: 45897
mnemonic passive DNS zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com (2) 212644 2017-09-11 16:18:57 UTC 2022-09-21 20:56:52 UTC 104.17.209.240
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 19:49:02 UTC 18.164.68.8
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-24 04:06:14 UTC 108.156.28.95
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-23 22:41:40 UTC 104.18.32.68
mnemonic passive DNS world-wide-packaging-bbecfc.ingress-erytho.ewp.live (125) 0 2022-09-24 03:35:03 UTC 2022-09-24 03:35:03 UTC 63.250.43.133 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-24 04:16:00 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 12:37:00 UTC 34.120.237.76
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-23 04:34:37 UTC 157.240.200.14
mnemonic passive DNS sb.scorecardresearch.com (2) 134 2021-05-09 05:03:40 UTC 2022-09-23 23:10:34 UTC 18.165.201.5
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.76.226
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 54.191.251.76
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-23 04:33:33 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-23 04:33:31 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS static.ads-twitter.com (1) 614 2017-01-30 05:00:15 UTC 2022-09-23 04:35:17 UTC 151.101.84.157
mnemonic passive DNS siteintercept.qualtrics.com (3) 1163 2012-05-22 04:24:46 UTC 2022-09-23 18:55:02 UTC 104.17.209.240
mnemonic passive DNS fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-09-24 00:11:40 UTC 216.58.211.10
mnemonic passive DNS www.canadapost.ca (6) 97903 2017-01-30 14:40:43 UTC 2022-09-24 01:38:03 UTC 23.61.214.200
mnemonic passive DNS www.canadapost-postescanada.ca (8) 98149 2018-06-13 15:18:28 UTC 2022-09-21 20:56:48 UTC 23.61.214.200
mnemonic passive DNS analytics.twitter.com (1) 526 2013-04-10 19:53:18 UTC 2022-09-23 04:35:17 UTC 104.244.42.131


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 63.250.43.133

Date UQ / IDS / BL URL IP
2022-12-01 12:44:44 +0000 0 - 0 - 1 internationalvcc.com/ 63.250.43.133
2022-11-22 05:15:02 +0000 7 - 0 - 4 womenandtechalbania.org/wp-admin/login/BOA/pe (...) 63.250.43.133
2022-11-21 22:14:08 +0000 0 - 0 - 7 womenandtechalbania.org/ 63.250.43.133
2022-11-21 21:35:26 +0000 8 - 0 - 0 womenandtechalbania.org/wp-admin/login/BOA 63.250.43.133
2022-11-09 07:41:20 +0000 0 - 0 - 3 salaya-bfc007.ingress-erytho.ewp.live/sant/cl (...) 63.250.43.133

Last 5 reports on ASN: NAMECHEAP-NET

Date UQ / IDS / BL URL IP
2022-12-02 18:34:57 +0000 0 - 0 - 3 coinbase.com.wallet.meezanent.com/ 198.54.126.16
2022-12-02 18:26:29 +0000 0 - 0 - 2 freenhlstream.com/boston-bruins-live-streams/ 68.65.120.249
2022-12-02 18:00:55 +0000 0 - 0 - 2 shilohdesignhouse.com/o/rebrand/boxMrenewal.php 162.213.251.222
2022-12-02 17:57:48 +0000 0 - 0 - 1 www.healthpartnersmail.com/ 198.54.117.215
2022-12-02 17:21:11 +0000 0 - 0 - 2 greencourier.net/zool/11/11/gstinedoc/index.php 162.213.253.54

Last 5 reports on domain: ewp.live

Date UQ / IDS / BL URL IP
2022-11-28 01:26:12 +0000 0 - 0 - 5 netflix-c16e15.ingress-baronn.ewp.live/home/n (...) 63.250.43.10
2022-11-21 06:42:43 +0000 0 - 0 - 2 uty-c09271.ingress-erytho.ewp.live/wpschool/g (...) 63.250.43.132
2022-11-21 02:37:03 +0000 0 - 0 - 2 uty-c09271.ingress-erytho.ewp.live/wpschool/g (...) 63.250.43.132
2022-11-17 15:37:39 +0000 1 - 0 - 0 6b58-160-177-4-23770esf-c06bcb.ingress-daribo (...) 63.250.43.14
2022-11-10 15:45:31 +0000 0 - 0 - 58 spencer-ecom-bbc16d.ingress-florina.ewp.live/ 63.250.43.137

Last 4 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-02 04:08:16 +0000 0 - 0 - 68 kdmh.live/web/ 192.151.157.182
2022-12-01 18:13:05 +0000 17 - 0 - 0 scoalabarnutiubm.ro/web111z/ 91.216.156.120
2022-11-21 18:33:19 +0000 0 - 0 - 80 madeirasemsaopaulo.com.br/vweb3/ 177.55.111.8
2022-11-02 13:44:56 +0000 0 - 0 - 2 vk.sv/7r90qE 104.21.29.24


JavaScript

Executed Scripts (42)


Executed Evals (2)

#1 JavaScript::Eval (size: 42, repeated: 1) - SHA256: ce71e5a42d1474f6f0ff23fd2fb7b3da4de9ba34f5acf44208b5b2d3d4b6e037

                                        Math.round(Math.random() * (100 - 1) + 1);
                                    

#2 JavaScript::Eval (size: 6, repeated: 1) - SHA256: 44ff7b02c80d38b26dd6aa31d9470aed81b32e10331a3c994fb1a9945fd847ba

                                        window
                                    

Executed Writes (0)



HTTP Transactions (183)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 04:05:33 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e07eaca13d23fcce8009fc507befcefa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: qJJhSiSJ_SLrTX-fbGMpOfTXwBOsdTsNefxluYHkKGf8ZhnALDGfYQ==
Age: 1181


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4866
Expires: Sat, 24 Sep 2022 05:46:20 GMT
Date: Sat, 24 Sep 2022 04:25:14 GMT
Connection: keep-alive

                                        
                                            GET /canada/canada/pay HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         63.250.43.132
HTTP/1.1 301 Moved Permanently
                                        
content-length: 0
location: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.28.95
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 17a77a72dc1e9981253a822e540e37c2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: s1ZSFprf7liJ8ipPhSqHQI4p06a0earHfntERhODf-daOhogeGkWzw==
age: 731
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:14 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 04:25:15 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 09:28:15 GMT
Expires: Thu, 29 Sep 2022 09:28:14 GMT
Etag: "53ceebe61fbd0c12755defd2798e90ba373f628f"
Cache-Control: max-age=449578,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74f8c14d3e451c0a-OSL

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 04:20:46 GMT
Expires: Sat, 24 Sep 2022 04:41:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb21de87e304f4ab90cafcf782a8548e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: S3ZuJKuxxUcGWPsM_gv0qfDOTsgGlrmU57gqR-MoybXDUSCdDAAEdQ==
Age: 269


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /canada/canada/pay HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         63.250.43.133
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 162
location: http://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2836
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 04:25:15 GMT
Last-Modified: Sat, 24 Sep 2022 03:37:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /canada/canada/pay/ HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sat, 24 Sep 2022 02:20:58 GMT
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 7457
x-cache: HIT
accept-ranges: bytes
content-length: 33762
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3471)
Size:   33762
Md5:    7c5c2ffce0a2af09c0ebbccee7676d5c
Sha1:   2911c9d12753352b05134505e2958cf0dc2f5da3
Sha256: 90edf7cbbb836c59d8607330ccacc1118d9f5594b749b4b649391a839a658985

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xHk6Axy1fvTua9cnWEL27g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.251.76
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RB5OBLEPdk8vR8hUFrKZ2Sr/EGs=

                                        
                                            GET /canada/canada/pay/index_files/beacon.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/f.txt HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/plain
server: nginx
date: Sat, 24 Sep 2022 02:32:17 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-8dce"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6778
x-cache: HIT
accept-ranges: bytes
content-length: 13816
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2427)
Size:   13816
Md5:    8e81199f620e75255158dd4d3771b745
Sha1:   e1c7c12395524eea0210621161e92f7ad86d533d
Sha256: 203856cbf142570c4605c476f20585a3cf9930bef9bfcac3d2b3bc2736fd8683

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/gpt.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/insight.min.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/uwt.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/fbevents.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/EX69ea3e2d8d9a41d99a46ba219e259885-libraryCode_source.min.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/lib/js/jquery.mask.min.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-1ff9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6780
x-cache: HIT
accept-ranges: bytes
content-length: 3396
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (537)
Size:   3396
Md5:    8547eabc1f5752bb1c044f959ef003b6
Sha1:   3c4c3ce4b5a9b8de4497439ae8fca0917295a17e
Sha256: 15c35c478d115193f12a177b7499b9d834ad7407887cd01477f42d9adcfe5b68

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/lib/js/Acc_Carding.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-5b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6780
x-cache: HIT
accept-ranges: bytes
content-length: 387
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   387
Md5:    13a8a306385616a1605823c111c4eebc
Sha1:   55d44c16204f4dcc7bc759caff27fae067321cf9
Sha256: e6dc3dab09b719d9f0aab457f413487ffaba957681e14b89079658603745c2ce

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/lib/js/jquery-latest.min.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-1762a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6780
x-cache: HIT
accept-ranges: bytes
content-length: 33266
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33266
Md5:    ece879ee496f4d73786b4f086d20495b
Sha1:   f0dddf54755394aceb56dc377ab5879015b1b92f
Sha256: 56c5badd7be6180bd27a9a542803f82fe4a4d589b96253add8f187be20117997

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/slick_slider.css HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-262f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 2293
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2293
Md5:    85f9876c1643e96ee91286f849b91dac
Sha1:   e81981ae1eb20a496b2c41a825cd3c4a34420d48
Sha256: e57e82f62cd96a6a41029cf102a2549964956e822dc8ce91b94d546e01a42a51
                                        
GET /canada/canada/pay/lib/js/phone.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-574"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6780
x-cache: HIT
accept-ranges: bytes
content-length: 377
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   377
Md5:    a6d1a95e834543b7dc5db69d869e37fe
Sha1:   0d8d4a3830dba0f66aaf4d72e16749ec03b1e750
Sha256: 2a41e3e9b1e82d139c8791b920532669b155520c752ec21e5846c304c62b5eab

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/lib/js/dob.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-56c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6780
x-cache: HIT
accept-ranges: bytes
content-length: 370
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   370
Md5:    7bdacee289d69e4605d9a3671b755d97
Sha1:   d6bf16bba570fafdbb645e0f867d6d3315e8f0d4
Sha256: 08521d66e699299bdb85e5701bf16277b9984044fcdb6669844f2743f1dcdc36

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/jquery-ui.min.css HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-7d4c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 7893
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29137)
Size:   7893
Md5:    a7a37c49042bf950acd06f3e104ab28e
Sha1:   71ac865f4da5e00971f2cb8d0b263c3d12cbf586
Sha256: 89d6827d5ab2493a87f0c1077115b387618ea9c5a6abb457f006ab2fab0cb4e1
                                        
GET /canada/canada/pay/index_files/storeEcommerce.css HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-208d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 945
x-cache: HIT
accept-ranges: bytes
content-length: 2206
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2206
Md5:    7617ddc3189301a6104312ced62b6194
Sha1:   6c810a70e93b24bc5f1c0b9ce8198708a5c09ca5
Sha256: db5cdfdc9911f7f4e44d64e62b137a2cf9d6197c387046138498a3134b4dc444
                                        
GET /canada/canada/pay/index_files/tony.css HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-9be9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 6942
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (546), with CRLF line terminators
Size:   6942
Md5:    751a99db5f800a506cd924fa13ad6b0e
Sha1:   6b96912e663ae8e40d405dfebc409533ae402e22
Sha256: 99f0ecf7eeaa3b569fa940d6d7834bd7630690e7115bbe41f2c2dc05c7ccf5be
                                        
GET /canada/canada/pay/index_files/f(1).txt HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/plain
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-a18"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6780
x-cache: HIT
accept-ranges: bytes
content-length: 1101
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2584), with no line terminators
Size:   1101
Md5:    cad6eff00d044ddb82b45b3526f3c068
Sha1:   1fcd168ee26831459ede26df22ce4ccf804f02de
Sha256: 44e641442e5bb70cdb8b2e6d245c7af8ce942e4e92a5790020c0d36fa3d86ffc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /canada/canada/pay/index_files/foundation.min.css HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-25edf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 19629
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   19629
Md5:    52147e2aa7f5f0b23f3f70fe41d491a1
Sha1:   73c8ef8f3febb5395ff1a58d18fad1b672bee7f4
Sha256: a178a7b91f963acc7b96b680269f41deb1e9de79659d02827b13da64fb0cdc55
                                        
GET /canada/canada/pay/index_files/aaron.css HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-91a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 7671
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (561), with CRLF line terminators
Size:   7671
Md5:    86cf256c21654f0f2475d65d8692b207
Sha1:   f398c96177051f6b63a2b82f223b5fa802183cdb
Sha256: 62040afd40c1570f8cdf610f749a2315df5dd8530fc2ac37174cd1bf1d886eab
                                        
GET /canada/canada/pay/index_files/michael.css HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-a1d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 7424
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (404), with CRLF line terminators
Size:   7424
Md5:    dd7e054179470d70c6117f7bee98a963
Sha1:   9e75b9b2198a59aba2b0539e9f67314a98da32ad
Sha256: 5690a75f1978802549b0b317301c0952a1d0a755558d103c03056b6e88099505
                                        
GET /canada/canada/pay/index_files/2012_eCommerce.css HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
63.250.43.133
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-bce2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 945
x-cache: HIT
accept-ranges: bytes
content-length: 8870
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   8870
Md5:    6d323fbee7d0231e340c1173c2615f7d
Sha1:   c6eced8e2af2c58cf93a2ffe738575e81a8191e7
Sha256: 9e580d790e4af614db1c3e4d6281f79c5d45c267f3a64e93c35117c298c38758
                                        
                                            GET /canada/canada/pay/index_files/jquery.autocomplete.css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-355"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 442
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   442
Md5:    ccc7b222999c58c4de3613b659ce35e2
Sha1:   2f0b468deb584675b529dd610ab0981d8679da18
Sha256: 6b7aaa230eae81697aff34caa6f8930473f7a0f5d7773670d738ed7a9f5329f8
                                        
                                            GET /canada/canada/pay/index_files/f(2).txt HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/plain
                                        
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-b2a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6780
x-cache: HIT
accept-ranges: bytes
content-length: 1161
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2858), with no line terminators
Size:   1161
Md5:    99ebd46f8aa935b50e7dc76a7abaa186
Sha1:   23085b76709963128c9b639d5fbba391c25535b6
Sha256: ed4b4bc7ea8892971451c45e42be3978369b5ace11fd7d8ab594dc3dd42f2ad4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jquery.smartbanner.css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-16c6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 945
x-cache: HIT
accept-ranges: bytes
content-length: 1491
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (496)
Size:   1491
Md5:    df60f78762113d8765df53ee5e87f563
Sha1:   86acfb534c52cb886ecc05ea4e4d65b901d2f48e
Sha256: 7d782edc8bb59c4ec510cc48aaa27c06e4481de35a85a8656e333b6d40d83f38
                                        
                                            GET /canada/canada/pay/index_files/kirk.css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-2e53"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 2777
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2777
Md5:    27911bf1b9672c42c03abf40aafccd84
Sha1:   6272393ed51edd9c0e4e83c74d0cd45266108314
Sha256: 7ed34b85029ef5de0598278b146fc8a6abc218419c432ed07b0365add7b4b894
                                        
                                            GET /canada/canada/pay/index_files/responsive.css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-1a01b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 20089
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (449), with CRLF line terminators
Size:   20089
Md5:    dce6ffdd34b557fd9a83b4816bbfec79
Sha1:   6c07182cc379ceebf28a715fd18c5000d2b9c55f
Sha256: b99d97d42325ac60ac6a1bec3330a5077f224208f8e53163d41e2ddf0363c52b
                                        
                                            GET /canada/canada/pay/index_files/cwc.css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-2fdaf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 21089
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   21089
Md5:    7e2a15a05447a8494142e129b5d9f3e7
Sha1:   aa0200b2478f608f00bcb473d4c96d43b02c6a8f
Sha256: 29521ff4e7022a899aecdf4e08153676821fb12137398e0f51c287b501e7023d
                                        
                                            GET /canada/canada/pay/index_files/extendstyles.css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-17d9d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 18107
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (612), with CRLF line terminators
Size:   18107
Md5:    48dcc428ee700988ee55108050fcf121
Sha1:   3fd910f0b236bcbbf054f5c1b81df86091fd5aa0
Sha256: a5534369da99aebc2980c6821d33bc1fd42005f494ec75fb9dd99643ee0d8676
                                        
                                            GET /canada/canada/pay/index_files/cpc-main-logo.svg HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:38 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-3037"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 937
x-cache: HIT
accept-ranges: bytes
content-length: 3967
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (730)
Size:   3967
Md5:    12cd337ffc1a27783d2295beeb1240fa
Sha1:   74b7b68a7d4975eb450774fe5469b27b78b4ddab
Sha256: b89c5bfd215ca86e078a99847e554c27cfa423c1d2265e20476a049f94ade9a1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/vpo.css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-a844"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
content-length: 9142
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (303), with CRLF line terminators
Size:   9142
Md5:    eeaea5c7b6d4afab5bee5b474340911f
Sha1:   30006d2c68749f7b9ac932238aaabdbb7a9bba46
Sha256: c268a680048dd614208be3d9dddfbfbe4fc0f1aaa29e871cf13a47bb871dee76
                                        
                                            GET /canada/canada/pay/index_files/css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-5e9a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-length: 24218
x-cacheable: YES
age: 945
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   24218
Md5:    71ab2d5dc2029112dffc9834eafcc599
Sha1:   5d3dc067095459a2ace31b10cc6cb343aca44577
Sha256: 7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/cwc.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/app.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jquery.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/pubads_impl_2021040101.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jquery.smartbanner.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/14.8f875927fce05bedfe11.chunk.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/chat-common.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/google-dfp.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/1.5159a7a0ba1fcaed8917.chunk.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/selector.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/search_autocomplete.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/function.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/cpo.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jquery-cookie.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/lib/js/txt-crypt.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jquery-ui.min.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jCarousel.min.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/RCf1b64ddc47d04c2ba552708d0de25b3b-source.min.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/modernizr.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/lib/js/zip.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/cpc-logo.svg HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:43 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-3aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 932
x-cache: HIT
accept-ranges: bytes
content-length: 598
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   598
Md5:    57b16e2e1cac8e487cb924f2f61d4b7b
Sha1:   08c3547f5480c8e0e8c0f3492184d258f7ba7fd3
Sha256: c43b1b2baa163df01dbabaabedc843a7fde676b1f74eedacb10caa30053b1e19

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/search.svg HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:44 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-140"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 931
x-cache: HIT
accept-ranges: bytes
content-length: 218
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Size:   218
Md5:    fb6dd2c30b85c7fc024bee4011a1eb5a
Sha1:   1bab1d1ccbaa99a29a105a4f6c182e73f88822b6
Sha256: 9529f8d89767d01d28a89249859cfa96063ec2048a2410a64009379a7dbee4ce

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jsf.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/img/VISA.png HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:44 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-a28"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-length: 2600
x-cacheable: YES
age: 931
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 76 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   2600
Md5:    725caa991a29101f5da78da2fc1e1e63
Sha1:   cf4f10dfd71289c43273496120b79ef01a437d19
Sha256: ef844111dee838dc5c8d388a96108379b2c97ced776fc95b2fa32b28f7ef6bde
                                        
                                            GET /canada/canada/pay/img/MasterCard.png HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:44 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-81d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-length: 2077
x-cacheable: YES
age: 931
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 76 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   2077
Md5:    b2702b4b6944f05e00e7a9065c9d071b
Sha1:   a40d684e4e7e4cb085c37bd942874a3d60f719b5
Sha256: 8c4f22dc313ee84b9c84d4295b3593584159ab23c8a1f095b366aff8ca05f196
                                        
                                            GET /canada/canada/pay/img/AmEx.png HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:44 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-4ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-length: 1261
x-cacheable: YES
age: 931
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 76 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   1261
Md5:    801b445314b9ff68a391c117d99619ed
Sha1:   7fa0bdd998a1edae990a6797cc023a304f05088d
Sha256: be9293395bb536020f4052e431a51639c3c9256ddb3e16f2820f0ad90d43fb9e
                                        
                                            GET /canada/canada/pay/img/CVV_icon.png HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:44 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-121d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-length: 4637
x-cacheable: YES
age: 931
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 125 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   4637
Md5:    6c1a7798f28815cbb8c4c8918e36080a
Sha1:   c475698985de9dbd65b56f389dce8eac58b4b000
Sha256: 107c0d3bba74e80c13517241c8c0dc093459f0c56a7f998eb53feaa0aa811200
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 04:25:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /canada/canada/pay/index_files/gov-canada-logo.svg HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:44 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-37b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 931
x-cache: HIT
accept-ranges: bytes
content-length: 5388
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2441)
Size:   5388
Md5:    f0e799120b180f97dc71515f7bb8564a
Sha1:   bbad25d1605f68572b76f11c37a1d462d8ef144d
Sha256: fb7b4fe5937fba5c8919cf990dd32572b713e1d6852dd8b9d82e8fc33161727b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/foundation.min.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/RightNow.Client.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/foundation.equalizer.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/saved_resource HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Sat, 24 Sep 2022 02:32:16 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-f025"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-length: 61477
x-cacheable: YES
age: 6779
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (61038)
Size:   61477
Md5:    c113dd0d5e80ed67d5a62a54b7cf86dd
Sha1:   064306dcf59a114df2265e2caf298a113ffc86db
Sha256: 03fc69968cf2c297f3006f23bd13c7c3344af5a73a64ea16b37a21512b962a6b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/saved_resource(1) HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Sat, 24 Sep 2022 02:32:16 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-f025"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-length: 61477
x-cacheable: YES
age: 6779
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (61038)
Size:   61477
Md5:    c113dd0d5e80ed67d5a62a54b7cf86dd
Sha1:   064306dcf59a114df2265e2caf298a113ffc86db
Sha256: 03fc69968cf2c297f3006f23bd13c7c3344af5a73a64ea16b37a21512b962a6b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/CoreModule.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/UserDefinedHTMLModule.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/ScreenCaptureModule.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:15 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/building_preview.gif HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:38 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-3030"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-length: 12336
x-cacheable: YES
age: 937
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 113 x 108\012- data
Size:   12336
Md5:    3c3ba37130de5fe15faf97c18908283e
Sha1:   c15b49cb09745a9939315132e18f2e40fa2ccf22
Sha256: 9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b
                                        
                                            GET /canada/canada/pay/index_files/remove_screen_capture.png HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:38 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-359"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-length: 857
x-cacheable: YES
age: 937
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Size:   857
Md5:    e4387ea5cc65d51d08a60765f46cbbcb
Sha1:   f8314def36b28e99c28cda0f4369e4786bf18ca4
Sha256: 37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb
                                        
                                            GET /canada/canada/pay/lib/js/txt-crypt.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:16 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 04:25:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /canada/canada/pay/index_files/css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:29 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-5e9a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-length: 24218
x-cacheable: YES
age: 946
x-cache: HIT
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   24218
Md5:    71ab2d5dc2029112dffc9834eafcc599
Sha1:   5d3dc067095459a2ace31b10cc6cb343aca44577
Sha256: 7742176d36a9ea889f4db0a843e62f522ba690a8d514e91dd5aa09eccf7340ce

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/modernizr.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:16 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7998
Expires: Sat, 24 Sep 2022 06:38:34 GMT
Date: Sat, 24 Sep 2022 04:25:16 GMT
Connection: keep-alive

                                        
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F742ed98b-b8fa-4199-984b-51f661ac6e89.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4829
x-amzn-requestid: c283df3f-4198-47dd-9b24-634c425bccd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2aA_HgFoAMF_tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c0a06-3881d661368a03ae48227b37;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:08:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NX_aUnmznw69dQzAWyvuo9umcrue7WRWVKjpYbWLfUbyqlBa1szcig==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 07:40:18 GMT
age: 74698
etag: "8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4829
Md5:    3f93f322ecd0244e7ee4169b200b50df
Sha1:   8db9c71402f2c8ceee047c56ca1a5e41c74f5cf3
Sha256: 2bb739a60a4581e554fb308be7df8b3d7f47e95051e5ef5e0d1d9ed0a0443b68
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 23294
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7963
Md5:    5a4b36e1bf29c9c82f069cdd3c50874c
Sha1:   d2180d40ceb16924a87a41aad90dedb0bb912085
Sha256: aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 92Pj9IQp3mBJQOW-XuHSK8laPqXOSBOmNbYcm4hSFzc1xqYscQKxMA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:05:15 GMT
age: 22801
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14579
Md5:    f10a12719b387d176497669ba75f0acc
Sha1:   16e42ba7b20555bf5a8615e5f4bb561204aeeb5a
Sha256: 0cb2231817387d43a490565b61e24ea7a3cfcff3281f4ab4379a882cc5c3173f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d9363e8-7e74-47d0-b49b-ac648ebf58c9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7829
x-amzn-requestid: 18df2f34-f279-4088-8488-76e429fdbb49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7tZ4HqsoAMFrgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e290b-42270a1556339a3c5a941f89;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:45:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cSHVvtCZq1SkklylzL4DaNV_mrCx3kDp3fMxKlycHID-oPPMlNW7Bg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:02 GMT
etag: "058909341bf245c24fd86fc076acf2a3c246a96c"
age: 23174
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7829
Md5:    d84c4ddafb066f0340a6108644e18e6b
Sha1:   058909341bf245c24fd86fc076acf2a3c246a96c
Sha256: ca9019fab30635e3548e05e088ff5a5d612ffe7c01f29465c4133710a41c0245
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14237
x-amzn-requestid: ebac6624-ee74-4911-b34d-f12abd8524e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruIG08oAMF6bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-1119098a051db3235b3a0674;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PuRSMM1YJ_03oGNhk2W-FwfPRkhU_TDcvyi-31NspF3s8U7erzx6_A==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:58:48 GMT
age: 23188
etag: "0241ca5908ca229c2528a3c84177488cc2c08c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14237
Md5:    ed165f50993660657ba10cdebdb895b3
Sha1:   0241ca5908ca229c2528a3c84177488cc2c08c13
Sha256: b13c7b9ce6ae5d4295467977258ab19da8329b0f1db39e38f11d16d905d742cf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 23300
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10032
Md5:    aa150280eb113504d61a25935c0f0127
Sha1:   ed04f74fbb4c77b21e2babc51a82857f5e23d169
Sha256: 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
                                        
                                            GET /canada/canada/pay/index_files/cp_print.css HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 24 Sep 2022 04:09:54 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-c3d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 922
x-cache: HIT
accept-ranges: bytes
content-length: 1236
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1236
Md5:    36bc5818fff2677c7c06ec2938478e83
Sha1:   59f2a1a4dba74cf41f4b35fd3b303342343d87e8
Sha256: 0972f3166155c65d503b43e699d3bc3b5b7510cc1a69bcb07be76af0999d0b36
                                        
                                            GET /canada/canada/pay/index_files/jquery.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:16 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/cwc.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:17 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jquery-ui.min.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:17 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/selector.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:17 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jquery-cookie.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:17 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/function.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:17 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/search_autocomplete.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:18 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/f(1).txt HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/plain
                                        
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-a18"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6782
x-cache: HIT
accept-ranges: bytes
content-length: 1101
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2584), with no line terminators
Size:   1101
Md5:    cad6eff00d044ddb82b45b3526f3c068
Sha1:   1fcd168ee26831459ede26df22ce4ccf804f02de
Sha256: 44e641442e5bb70cdb8b2e6d245c7af8ce942e4e92a5790020c0d36fa3d86ffc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/f(2).txt HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 200 OK
content-type: text/plain
                                        
server: nginx
date: Sat, 24 Sep 2022 02:32:15 GMT
last-modified: Tue, 20 Sep 2022 12:37:09 GMT
etag: "6329b3f5-b2a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
content-encoding: gzip
x-cacheable: YES
age: 6782
x-cache: HIT
accept-ranges: bytes
content-length: 1161
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2858), with no line terminators
Size:   1161
Md5:    99ebd46f8aa935b50e7dc76a7abaa186
Sha1:   23085b76709963128c9b639d5fbba391c25535b6
Sha256: ed4b4bc7ea8892971451c45e42be3978369b5ace11fd7d8ab594dc3dd42f2ad4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jCarousel.min.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:18 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/google-dfp.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:18 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/app.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:18 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/cpo.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:19 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/cpo.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:19 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/chat-common.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:19 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/jquery.smartbanner.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:19 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/pubads_impl_2021040101.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:19 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/14.8f875927fce05bedfe11.chunk.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:19 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/RCf1b64ddc47d04c2ba552708d0de25b3b-source.min.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:19 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/1.5159a7a0ba1fcaed8917.chunk.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:19 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/14.8f875927fce05bedfe11.chunk.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:20 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /canada/canada/pay/index_files/1.5159a7a0ba1fcaed8917.chunk.js HTTP/1.1 
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         63.250.43.133
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 24 Sep 2022 04:25:20 GMT
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 04:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:21 GMT
expires: Thu, 21 Sep 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 204659
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /cpc/assets/cpc/img/icons/arrow-down.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
23.61.214.200
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/arrow-down.svg
Date: Sat, 24 Sep 2022 04:25:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload

                                        
GET /cpc/assets/cpc/img/icons/icon-lock.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
23.61.214.200
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/icon-lock.svg
Date: Sat, 24 Sep 2022 04:25:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload

                                        
GET /cpc/assets/cpc/img/icons/search.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
23.61.214.200
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
Date: Sat, 24 Sep 2022 04:25:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload

                                        
GET /cpc/assets/cpc/img/icons/global-alert/alert.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
23.61.214.200
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
Date: Sat, 24 Sep 2022 04:25:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload

                                        
GET /cpc/assets/cpc/img/icons/global-alert/cancel.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
23.61.214.200
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
Date: Sat, 24 Sep 2022 04:25:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload

                                        
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 204672
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 04:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
GET /canada/canada/pay/index_files/jsf.js HTTP/1.1
Host: world-wide-packaging-bbecfc.ingress-erytho.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://world-wide-packaging-bbecfc.ingress-erytho.ewp.live/canada/canada/pay/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers