updatepostecanada.ca/
91.229.90.152301 Moved Permanently 707 B IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET / HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 17 Dec 2022 00:21:03 GMT
server: LiteSpeed
location: https://updatepostecanada.ca/
vary: User-Agent
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8147
Expires: Sat, 17 Dec 2022 02:36:51 GMT
Date: Sat, 17 Dec 2022 00:21:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4705
Expires: Sat, 17 Dec 2022 01:39:29 GMT
Date: Sat, 17 Dec 2022 00:21:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7216
Expires: Sat, 17 Dec 2022 02:21:20 GMT
Date: Sat, 17 Dec 2022 00:21:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 23:45:13 GMT
content-type: application/json
age: 2151
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WyR8xNdNEA3GjFZbd0ySaI1Ltr/q/jVtHl9BlefQnJ779cSU5+OBz4Hw3AdhwRtC01J0goH7dDc=
x-amz-request-id: 4J9B34W9F17E1VJE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 23:51:33 GMT
age: 1771
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 00:21:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96493735f109290ec158b8033dd66253
25b9907907529675597182a6bc9fcdf0ea6e5cb6
b469a4ab780ec8bc175ee57c233b4db16207f1d4963bf614c26df5906c457e0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B469A4AB780EC8BC175EE57C233B4DB16207F1D4963BF614C26DF5906C457E0F"
Last-Modified: Thu, 15 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 17 Dec 2022 06:21:04 GMT
Date: Sat, 17 Dec 2022 00:21:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 00:08:00 GMT
age: 784
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 142400be99b933ea5e0c68ea6a6b3e89
80e94132940e5ebe69dd0a03396764127b8fda49
20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2302
Cache-Control: max-age=120250
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:04 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 09:45:14 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
updatepostecanada.ca/file/foundation-config.css
91.229.90.152200 OK 27 B URL HTTP/2 updatepostecanada.ca/file/foundation-config.css
IP 91.229.90.152:0
File type ASCII text, with no line terminators
Hash 235e981df1f4eedaa0589ffda58717d6
d7e9f36ce7e793910b1cb8b3df49c60cd162a4f9
6ab579f7452650aa72688543ccc21851e03c767a3f04669321da4476e4f50ba0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/foundation-config.css HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "1b-6319aefc-a15f39de73bafe1b;;;"
accept-ranges: bytes
content-length: 27
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/foundation.css
91.229.90.152200 OK 21 kB URL HTTP/2 updatepostecanada.ca/file/foundation.css
IP 91.229.90.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ecfa358523b89d4177ab5ef79e1034b9
1588304a284720f99380c5918496d9c39d78c7fd
aaeb42674f952520497dfb75f25aa78f1b4e1caf53ce50afd5629edf89e0b0e2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/foundation.css HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "18d9e-6319aefc-b0d6c9dd4bc0b3b5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 20922
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/normalize.css
91.229.90.152200 OK 995 B URL HTTP/2 updatepostecanada.ca/file/normalize.css
IP 91.229.90.152:0
File type ASCII text, with very long lines (2011)
Hash fb47db9a73e62c29983c97245ff1a0b1
1d8e7bd48874522b8979c9ab2ae9ef09d3a6cf39
af66e48b3dde10dd39f871e0cd4326b1e3a5de75831584c7bab725c6bee03037
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/normalize.css HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "7dc-6319aefc-a0112aa61bf829ee;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 995
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/cpc-main.css
91.229.90.152200 OK 106 kB URL HTTP/2 updatepostecanada.ca/file/cpc-main.css
IP 91.229.90.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106391 bytes)
Hash 9d58a121cd7ad1bdd9538b2277109543
db0207b056b2b778b61fb6e990bf5ed3b3925026
d70ffbd592c403179b5912e0540969e4bacb22996f7eee7229914ae1406c2e91
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/cpc-main.css HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "73970-6319aefc-89d79dc78f418a22;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 106391
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/tools.css
91.229.90.152200 OK 1.1 kB URL HTTP/2 updatepostecanada.ca/file/tools.css
IP 91.229.90.152:0
File type ASCII text, with CRLF line terminators
Hash f5c6a9a90cfaa8d0029a002047a15424
f086faefa9b3253507e739bdc27a7f3e8f8af687
16e3163fa66145a0c0faab909279df764a8b0dce5ed8f8e76cde383f89da6b3b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/tools.css HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 09:18:46 GMT
etag: "c74-6319b376-4888988766901af4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1132
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/beacon.js
91.229.90.152200 OK 2.0 kB URL HTTP/2 updatepostecanada.ca/file/beacon.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (3936)
Hash cc337805f6ac7780832182130c1a7df7
1bff753e2dd2c04f8491c222cba4a0def7a41b59
e9846109d7ee4d10d6f3fa458da8a7b992beca036eed5d461a466e3e08445d4f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/beacon.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "f61-6319aefc-d59d2019b6758acb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1969
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/f.txt
91.229.90.152200 OK 20 kB URL HTTP/2 updatepostecanada.ca/file/f.txt
IP 91.229.90.152:0
File type ASCII text, with very long lines (1623)
Hash 0dfb86abfc05e7ec1e890311b24c4a39
aa8a4c0e356fa9c6699f66d952bd5640b9b6b365
4382b1d5203f422b6bffaa6f9b52f406a86b12615fa7692d378c95d41baa9596
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/f.txt HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "a422-6319aefc-3989d596178d70d4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 19595
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/insight.min.js
91.229.90.152200 OK 3.4 kB URL HTTP/2 updatepostecanada.ca/file/insight.min.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (7751)
Hash 8db1005349ab554c09a98451fca04c6a
4e1318838a0869ebe3c0d6092042638044820b37
68b9c58408ccfcb50e671216c0f7d8bc868aa9a17ac5fc309c5f15b238f61ed0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/insight.min.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1e48-6319aefe-8106d636edc0dece;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3363
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/614267586032718
91.229.90.152404 Not Found 708 B URL HTTP/2 updatepostecanada.ca/file/614267586032718
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/614267586032718 HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/fbevents.js
91.229.90.152404 Not Found 708 B URL HTTP/2 updatepostecanada.ca/file/fbevents.js
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/fbevents.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/modernizr.js
91.229.90.152200 OK 5.9 kB URL HTTP/2 updatepostecanada.ca/file/modernizr.js
IP 91.229.90.152:0
File type Unicode text, UTF-8 text, with very long lines (12268)
Hash 45160d49cd70dfe6668255a450fdc0ee
dc6eaef70081628ded73ae5e04ad1993e7ff212e
31ad73b5011ba424c06fa79b72a8738c69db877c3203e1bedd6ff55e18d1d267
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/modernizr.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "30f0-6319aefe-5113ab1d88f92f9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5906
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/foundation.reveal.js
91.229.90.152200 OK 5.1 kB URL HTTP/2 updatepostecanada.ca/file/foundation.reveal.js
IP 91.229.90.152:0
Hash 423a71ff03b19e39f33eec3ae8c9c31f
fd757da4b47c842ee4f1bac9cc5d5452a032b00f
e65f608f6c442d9dad3dd67feae03d90942bb211bba47e6c8b085e5e15641d9d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/foundation.reveal.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "4135-6319aefe-f062a6050d4a1c11;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5086
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/tools.js
91.229.90.152200 OK 122 B URL HTTP/2 updatepostecanada.ca/file/tools.js
IP 91.229.90.152:0
Hash 0a55a61bc65245a773a3253aaf81e4f6
a2fd9ce6d25635b2138e640956c41fd65652f792
1e35a7196a71189199f08214fa6a5226661be7437810c6851a75e80e26bbe112
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/tools.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "7a-6319aefe-86b257c95cd32e82;;;"
accept-ranges: bytes
content-length: 122
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/postal-guide.css
91.229.90.152200 OK 219 B URL HTTP/2 updatepostecanada.ca/file/postal-guide.css
IP 91.229.90.152:0
Hash 2ee5ed7bd5030d2f8dce54670cf71745
5bfe846bb5ae8bfcb6246274559bea3cab9c8d78
43c1972f25c54d62c69c95d129d60ad4ac4c5b56cbd125e83169fd43fabffc7b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/postal-guide.css HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 09:26:50 GMT
etag: "177-6319b55a-bc6f7d0fa1254e22;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 219
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/styles.css
91.229.90.152200 OK 16 kB URL HTTP/2 updatepostecanada.ca/file/styles.css
IP 91.229.90.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b9a0b278b86c1dfa2284228bf00c6260
2fc88034544b6640a1095db0a2ab2d6d55bf2b85
72cff4200659ac6b8367aacd599eded7d951844cda65f80ee6276ca24102e9e7
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/styles.css HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "126b5-6319aefe-bc0f6e68aee3d43d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16124
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/f(1).txt
91.229.90.152200 OK 1.2 kB URL HTTP/2 updatepostecanada.ca/file/f(1).txt
IP 91.229.90.152:0
File type ASCII text, with very long lines (2402), with no line terminators
Hash 393ec35ff90e2758dbf9b112b9e06c5b
178c5426f0a547309a5ce601646d1e79d1508245
b49610c94d468aace72779c9c223d56e2a2a03215fd2d28991b2ad7c2d3f3cfe
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/f(1).txt HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "962-6319af00-acc1678f8df0b29b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1162
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/f(2).txt
91.229.90.152200 OK 1.3 kB URL HTTP/2 updatepostecanada.ca/file/f(2).txt
IP 91.229.90.152:0
File type ASCII text, with very long lines (2744), with no line terminators
Hash 25a715e415123b59970ee567f2ff8056
5c9c27a60f25c5b8b0d8fad5b479c142dbdb71cb
5f2dfb910f7a71259bff4050eac52dc3c7fd0a3cc00486e28ae008fbf719c67d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/f(2).txt HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "ab8-6319af00-246259e5f76f6ddd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1255
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/f(3).txt
91.229.90.152200 OK 1.2 kB URL HTTP/2 updatepostecanada.ca/file/f(3).txt
IP 91.229.90.152:0
File type ASCII text, with very long lines (2404), with no line terminators
Hash c75b6adc2c5861cd765bb75bc2365c0e
c22c68bdb2d2eb2a43c038e95af1fff3b901c11c
6f176d7bad9c26dfdc11a8381ebddb1f3de68f5dcdad4b8bc54aadd6512ed02d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/f(3).txt HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "964-6319af00-5f534f628b10277c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1156
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/11.4dc17d50d8eb18566aef.chunk.js
91.229.90.152200 OK 25 kB URL HTTP/2 updatepostecanada.ca/file/11.4dc17d50d8eb18566aef.chunk.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (62147), with no line terminators
Hash af0ab8a976a04ea08c013ede72384e73
cc9137efa5cdc5e647f9c506e10ca3efa18032b3
f5ff7c8fd6f5b22a2f7e48fdd304ee0209e2a5cf95edb5a2e090fdb6ea69bbe2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/11.4dc17d50d8eb18566aef.chunk.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "f2c3-6319af00-209aabaa768b5a99;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 24839
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/uwt.js
91.229.90.152200 OK 22 kB URL HTTP/2 updatepostecanada.ca/file/uwt.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash db2c157d6cc3fab7a1fda4ab2d05d979
e08005545c250c9211619a318e73b97cecc82af6
33340d1e06484b7a9e881f46816c9dd2533ba24d3905c28c3c63fbd3b6d728f2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/uwt.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "e063-6319aefe-33e07cac3e9335c1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21688
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/foundation.min.js
91.229.90.152200 OK 37 kB URL HTTP/2 updatepostecanada.ca/file/foundation.min.js
IP 91.229.90.152:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32024)
Hash f1b6d980c1b561066911d156489898c0
cd16908a596733dbda17291e685ce9c10c6c97da
8d5e71c86b4871e2eae33ebfdd220a275f9bc4a5012ae3b18b727729a0d01653
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/foundation.min.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "190a5-6319aefe-8c504bb447169ec0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 36779
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
91.229.90.152200 OK 36 kB URL HTTP/2 updatepostecanada.ca/file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (32768)
Hash 06f4f95ab30fcb0c8dfdd2efe22a5dec
b8c2ccbfdb8a94770ffa1f0e6e06b40ca2ab86fe
eba4ca63e1147de229e605ca8d2989f990cb1337bfa0fd55d92e18c1f9b0233f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "14b27-6319aefe-abe021df1e2f4949;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 36399
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/1.0f15e3ad6ddcff4e902e.chunk.js
91.229.90.152200 OK 8.3 kB URL HTTP/2 updatepostecanada.ca/file/1.0f15e3ad6ddcff4e902e.chunk.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (28797), with no line terminators
Hash 27fd6de3338ea6c0e6f716a8fe649dad
d54ac7b394e2e053ed72db701aee595513cd6968
df28452c55e330461aa0e5c5778a7d33b58ea911e3fd1460ae9fe0af650dcf51
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/1.0f15e3ad6ddcff4e902e.chunk.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "707d-6319af00-c00367737b6d4b2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8314
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/jquery.js
91.229.90.152200 OK 50 kB URL HTTP/2 updatepostecanada.ca/file/jquery.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (65451)
Hash 4503e93081774c975267a43be4e6f6aa
908860266a381934f3a9db5237e2c91682a09747
f8c6b239bc7542f8aa64f9b514375ec235481533cd81281bbd5e28a842b03f4d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/jquery.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1b16c-6319aefe-6675ac725c9e5a7a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 49513
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/js(3)
91.229.90.152200 OK 107 kB URL HTTP/2 updatepostecanada.ca/file/js(3)
IP 91.229.90.152:0
File type ASCII text, with very long lines (1615)
Size 107 kB (106890 bytes)
Hash 2872c8c0b367893cac4105e87dded92e
cc7495ce29491f93ce061609a1d0dfaed72bf58c
be497bd6cee5b026521ce6eb3c7937c84a02a83403a0417de3972f31116a4275
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/js(3) HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1a18a-6319aefe-732669a8f5e4986;;;"
accept-ranges: bytes
content-length: 106890
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/analytics.js
91.229.90.152200 OK 1.4 kB URL HTTP/2 updatepostecanada.ca/file/analytics.js
IP 91.229.90.152:0
File type exported SGML document, ASCII text, with very long lines (832)
Hash 910fb242023a230516a0fb4a832ec55a
c1dee3dd93ed3b36289983ff28366be3a72b479b
34639c7c4dddbebb37789413b1cd2e2e747ca9666d64a3efb8b366bcd12ef721
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/analytics.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "134d-6319af04-613009187cb34222;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1408
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/saved_resource
91.229.90.152200 OK 7.3 kB URL HTTP/2 updatepostecanada.ca/file/saved_resource
IP 91.229.90.152:0
File type ASCII text, with very long lines (6801)
Hash fde0df82113bedc394515cb3fb9b9c06
1e20cf816b890a02e28e8302a93f253cfc2b04e1
0b4b7dfd734b2da1c4989692d27d514c18c0f7c452125db673dfe9e133b4f56b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/saved_resource HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "1c86-6319af04-b387a7a48db10231;;;"
accept-ranges: bytes
content-length: 7302
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/CoreModule.js
91.229.90.152200 OK 42 kB URL HTTP/2 updatepostecanada.ca/file/CoreModule.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fd4e2e947aaee37543ef893459e0b58a
44ca11f4c25d63c1ee35f5c5e09ddc6d7bef2f28
5f80d9eb1e498fea9ca1847ddf3f6742cbd45ec24877f706350d9b75ef503560
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/CoreModule.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "197ac-6319af04-6008c40fb6a7cc9c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 41452
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/UserDefinedHTMLModule.js
91.229.90.152200 OK 2.4 kB URL HTTP/2 updatepostecanada.ca/file/UserDefinedHTMLModule.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (6978), with no line terminators
Hash 88dc5dd79836a16ba727f57ca9db92e9
89d32abe957a7c1d7daf2a6e1bcc5a523b38a080
79e35c5308f3311bc956365c3a9f9bd681ec7ac75ebcf2478413e1b05b6b578f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/UserDefinedHTMLModule.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "1b42-6319af04-9a797e9986793b32;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2431
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/ScreenCaptureModule.js
91.229.90.152200 OK 9.3 kB URL HTTP/2 updatepostecanada.ca/file/ScreenCaptureModule.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (25906), with no line terminators
Hash 7d37c983e2addaed3db8fbeaf1bc2baa
00ec7e248dd7afa7af37c61a9129a730e15538b3
4029192db3850e3bd56e43aab501e69bd7a9687807d386ad6691d0cabeb248ba
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/ScreenCaptureModule.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "6532-6319af04-ba572a2f44216f26;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9346
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gSESfHZf0UD75/c95rlSHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JlQVaG9G3SlkE75vJ/kWxzV/zyc=
updatepostecanada.ca/file/js(2)
91.229.90.152200 OK 116 kB URL HTTP/2 updatepostecanada.ca/file/js(2)
IP 91.229.90.152:0
File type ASCII text, with very long lines (1615)
Size 116 kB (116541 bytes)
Hash 705b15727af88f7e0c4e90bd32b62324
9dd2c5add195a25ac8e610614011260339b894ef
2e35d9527046efca52202bc27e5eaa654b114bf8e1c89fb3b2214e7cdef06aef
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/js(2) HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1c73d-6319aefe-559a5b55c49bf62a;;;"
accept-ranges: bytes
content-length: 116541
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/cpc-main-logo.svg
91.229.90.152200 OK 4.4 kB URL HTTP/2 updatepostecanada.ca/file/cpc-main-logo.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (730)
Hash 7fc2f945db9a6c10452a18e2fb92bd30
e475feef4386402d5cbf33f8a38b17c1c5e66fb0
acb22ee1d5ce6a1c38ca05e244e1ee0cbbb542129afb5bcc11b0624d3f38ad2a
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/cpc-main-logo.svg HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "3037-6319af00-f9145c9dd623ab94;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4448
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/cpc-logo.svg
91.229.90.152200 OK 643 B URL HTTP/2 updatepostecanada.ca/file/cpc-logo.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash df833f86ada6b6b5c2ab913f76a8fdf6
a8597a83f5c06de28ea27ade309ecab2d1d49b91
def3a80251ace03c22a14d01843f43a094a66af9ceb3dca11c7e9af9c0d42049
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/cpc-logo.svg HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "3aa-6319af00-4f9f4c1ddb71640f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 643
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/search.svg
91.229.90.152200 OK 231 B URL HTTP/2 updatepostecanada.ca/file/search.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash e71d66200332fb2074c6eb30b3e6d8fc
5cc824a4a6282ed31dda41a64f64ee9820133e0a
a2c9675a12b9534e0653ecc6596148aa77fa3f8ea6421608f3031501726933dc
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/search.svg HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "140-6319af00-c5038e85ebb954b0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 231
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/gov-canada-logo.svg
91.229.90.152200 OK 6.2 kB URL HTTP/2 updatepostecanada.ca/file/gov-canada-logo.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2441)
Hash 1193ef2e5520c2168178eeaaa10dc6d3
330b20b7ef34e2be66827104970fa14eabc5e8f8
3f51e3a8aa85ec9fcf0f085f36a5d520b3d08d4a2598635a7eef659d1cff63f6
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/gov-canada-logo.svg HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "37b3-6319af04-7d8db98578dbe080;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6245
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/adsct
91.229.90.152200 OK 43 B URL HTTP/2 updatepostecanada.ca/file/adsct
IP 91.229.90.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/adsct HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "2b-6319af04-929db486b860283f;;;"
accept-ranges: bytes
content-length: 43
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/adsct(1)
91.229.90.152200 OK 43 B URL HTTP/2 updatepostecanada.ca/file/adsct(1)
IP 91.229.90.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/adsct(1) HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "2b-6319af04-97d10ddd4e8b2931;;;"
accept-ranges: bytes
content-length: 43
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/remove_screen_capture.png
91.229.90.152200 OK 857 B URL HTTP/2 updatepostecanada.ca/file/remove_screen_capture.png
IP 91.229.90.152:0
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash e4387ea5cc65d51d08a60765f46cbbcb
f8314def36b28e99c28cda0f4369e4786bf18ca4
37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/remove_screen_capture.png HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: image/png
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "359-6319af04-92550dd399c729f0;;;"
accept-ranges: bytes
content-length: 857
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 385bad1390edf4dc694548a3f7b16281
57536fa694ef8306c436a37dbfc2f82af2344120
e6ad8e17f7b82dc9b46e5e99a73b59fa284fa72cf737dada269da9cf856b7736
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 385bad1390edf4dc694548a3f7b16281
57536fa694ef8306c436a37dbfc2f82af2344120
e6ad8e17f7b82dc9b46e5e99a73b59fa284fa72cf737dada269da9cf856b7736
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:33:54 GMT
expires: Thu, 14 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 190031
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
updatepostecanada.ca/
91.229.90.152200 OK 82 kB IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7181)
Hash b76c5a0faf59869785f63a4fbcb20e05
1af92f2b327569255b2796c61eef9ef8707a039e
407e467d99d25dff43fc3f44a07f447fda0e3aeb09ad486a3b9b7265a1d88556
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET / HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sat, 17 Dec 2022 00:21:04 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-9852050
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 712c687640f59449e5b734c0f86c573a
4eb0fd8b23e36599e1e684f2b135a31c81ba7d0c
9935590651aebed0c2dedb74c413aa5f2a30aba24630d89c056e108635c3acce
GET /gtag/js?id=DC-9852050 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 00:21:05 GMT
expires: Sat, 17 Dec 2022 00:21:05 GMT
cache-control: private, max-age=900
last-modified: Sat, 17 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44103
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash e9e0855ccaf67d36c6cd3360cc8984ff
324d11459ea295c8c0ed2047b173a4c12db7879d
45bb463b9975887fbcaae2d5ea5927ae9b74a1c66bac938f05c8c40e5477e6c3
GET /gtag/js?id=DC-9852050&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 00:21:05 GMT
expires: Sat, 17 Dec 2022 00:21:05 GMT
cache-control: private, max-age=900
last-modified: Sat, 17 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6589bfaad52d89dc81198596898c865
c2f1fd699f15ddd4e65898acf5c7e1ec9bd7976c
7ed946400aee5b4755d332a766d099d52c42f1770fc82bb5726eb3bb3fafa315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:05 GMT
Last-Modified: Sat, 17 Dec 2022 00:00:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
23.38.200.237200 OK 29 kB URL HTTP/2 assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32768)
Hash 6dfcf60bb5658880c8e992bf1dbc87f1
d9ca4a3418547e13ea676f89ebb396698bbc8d4d
ef2a249ff0a3c5ada19a94f9c7b62014f5e5957a0e17695fd3b6d3d9ce406e32
GET /0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ba6bf7eaba51cdf2a7931c5056449aa7:1662066393.427966"
last-modified: Thu, 01 Sep 2022 21:06:33 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sat, 17 Dec 2022 01:21:05 GMT
date: Sat, 17 Dec 2022 00:21:05 GMT
content-length: 28612
access-control-allow-origin: https://updatepostecanada.ca
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80994bccb5143c91415aa3355a96f676
ecdfe8e3c1c12371df91ef249fdb41609dc632a7
238e0ea882d88cff973303a7a40190fe8f103f988a50cc1804a2dc91248b896e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6153
Cache-Control: max-age=132774
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:05 GMT
Etag: "639c570e-1d7"
Expires: Sun, 18 Dec 2022 13:13:59 GMT
Last-Modified: Fri, 16 Dec 2022 11:31:26 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:13 GMT
expires: Sat, 16 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 38872
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:34:15 GMT
expires: Thu, 14 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 190010
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
updatepostecanada.ca/file/open_in_a_new_window.svg
91.229.90.152404 Not Found 708 B URL HTTP/2 updatepostecanada.ca/file/open_in_a_new_window.svg
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/open_in_a_new_window.svg HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/file/styles.css
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19344%7CvVersion%7C5.2.0; _gcl_au=1.1.117921188.1671236462; at_check=true; s_vnc7=1671841262455%26vn%3D1; s_ivc=true; mbox=session#af31878cf7944407884a62fa5eae21a6#1671238323
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:33:56 GMT
expires: Thu, 14 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 190029
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671236462414
52.19.242.51302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671236462414
IP 52.19.242.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671236462414 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://updatepostecanada.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671236462414
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=63916117742563017533048149573070638881; Max-Age=15552000; Expires=Thu, 15 Jun 2023 00:21:05 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: DhUKUcU9TAE=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671236462414
52.19.242.51200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671236462414
IP 52.19.242.51:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671236462414 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://updatepostecanada.ca
Content-Type: application/x-www-form-urlencoded
Referer: https://updatepostecanada.ca/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://updatepostecanada.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-05e780d2b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: XeGZQhrbT8g=
Content-Length: 124
Connection: keep-alive
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
23.61.214.200200 OK 382 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
IP 23.61.214.200:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Hash b86b3f712d7d1224f22ce80ab788d8bc
1015427d965943c5acfda2a2b96174c96a30e715
827930f77d0aee840f92563e8da302b30e9f0b196f923edd0f6305faf4ae7df0
GET /cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a638-2d4"
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 07:02:38 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 382
Date: Sat, 17 Dec 2022 00:21:05 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
23.61.214.200200 OK 218 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
IP 23.61.214.200:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash d3a621feba2c9afadc8e74c4f71021e1
5364a043f80e5dcbc81b81e86d406eedfc1b69a4
9616a4bbe31bf59f3ec6fd4a9f237bfb89d3424a45238b625b7f1620377d5401
GET /cpc/assets/cpc/img/icons/search.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a621-140"
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Thu, 15 Sep 2022 16:23:11 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 218
Date: Sat, 17 Dec 2022 00:21:05 GMT
Connection: keep-alive
Vary: Accept-Encoding
updatepostecanada.ca/file/building_preview.gif
91.229.90.152200 OK 12 kB URL HTTP/2 updatepostecanada.ca/file/building_preview.gif
IP 91.229.90.152:0
File type GIF image data, version 89a, 113 x 108\012- data
Hash 3c3ba37130de5fe15faf97c18908283e
c15b49cb09745a9939315132e18f2e40fa2ccf22
9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/building_preview.gif HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:06 GMT
content-type: image/gif
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "3030-6319af04-6df4338dab47aa05;;;"
accept-ranges: bytes
content-length: 12336
date: Sat, 17 Dec 2022 00:21:06 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
updatepostecanada.ca/file/saved_resource.html
91.229.90.152200 OK 26 kB URL HTTP/2 updatepostecanada.ca/file/saved_resource.html
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32924)
Hash bd35c29135a1af2708922bce6bdc10eb
bf4d2621c0aa9f0366b4db67fc59699462ab3e18
79296535da9a03c5824e273b2c290ffbb8425c271a8855dab876f80a8bac4b42
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/saved_resource.html HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19344%7CvVersion%7C5.2.0; _gcl_au=1.1.117921188.1671236462; at_check=true; s_vnc7=1671841262455%26vn%3D1; s_ivc=true; mbox=session#af31878cf7944407884a62fa5eae21a6#1671238323
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 08 Sep 2022 09:31:06 GMT
etag: "dfa8-6319b65a-adf27ba10a50bbf6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 26501
date: Sat, 17 Dec 2022 00:21:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/tools_chevron.svg
91.229.90.152200 OK 1.2 kB URL HTTP/2 updatepostecanada.ca/file/tools_chevron.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (443)
Hash 31042bee295d59e22e5b20bced44b471
cf537ec24af539f9efbf896c6a17a526f201f680
393bc7ef57877b4038d74f319b27953f00edac0a5b08a3089d8e822dba2efa61
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/tools_chevron.svg HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/file/tools.css
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19344%7CvVersion%7C5.2.0; _gcl_au=1.1.117921188.1671236462; at_check=true; s_vnc7=1671841262455%26vn%3D1; s_ivc=true; mbox=session#af31878cf7944407884a62fa5eae21a6#1671238323
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:06 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 00:24:54 GMT
etag: "cf2-63193656-810e50d940ba8d88;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1244
date: Sat, 17 Dec 2022 00:21:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
updatepostecanada.ca/file/stylesheet.css
91.229.90.152200 OK 46 kB URL HTTP/2 updatepostecanada.ca/file/stylesheet.css
IP 91.229.90.152:0
File type Unicode text, UTF-8 text, with very long lines (559)
Hash ecf97ec8eb7cac32cfac8895eedc180c
23876e544c83043314cfd04300cadd25db5b6fcb
5cc44c0105308979daea3e15c524a33ad3a5949e23533a843590408df0f9365b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/stylesheet.css HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/file/saved_resource.html
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19344%7CvVersion%7C5.2.0; _gcl_au=1.1.117921188.1671236462; at_check=true; s_vnc7=1671841262455%26vn%3D1; s_ivc=true; mbox=session#af31878cf7944407884a62fa5eae21a6#1671238323; s_gpv_url=https%3A%2F%2Fupdatepostecanada.ca%2F; QSI_HistorySession=https%3A%2F%2Fupdatepostecanada.ca%2F~1671236462806
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:06 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:50 GMT
etag: "29454-6319af06-58975cae59568949;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 45859
date: Sat, 17 Dec 2022 00:21:06 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.7 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13063)
Hash bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=56792
date: Sat, 17 Dec 2022 00:21:06 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2dfba0647b4a8d12898d22e0ade84711
337999fec09d84544c7e8ccc5132c22aecb7c627
59a493558a1241f04e38269c4643375a594524bf7f76f139661c5cf36df4e2da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a49c10c60b31f85897b10f4ec4cf83
a36d1f2e9c383be9d1e8f3582e4245848c737942
96090cb245f690b7cc9a8b4cd11b6fbb1eede6e139f3a5485c8e58196024e7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a49c10c60b31f85897b10f4ec4cf83
a36d1f2e9c383be9d1e8f3582e4245848c737942
96090cb245f690b7cc9a8b4cd11b6fbb1eede6e139f3a5485c8e58196024e7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2675
Expires: Sat, 17 Dec 2022 01:05:41 GMT
Date: Sat, 17 Dec 2022 00:21:06 GMT
Connection: keep-alive
www.google.com.hk/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2675
Expires: Sat, 17 Dec 2022 01:05:41 GMT
Date: Sat, 17 Dec 2022 00:21:06 GMT
Connection: keep-alive
www.google.com/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5b78c3c-24c2-48f2-958f-cdfa78f1e1ea.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5b78c3c-24c2-48f2-958f-cdfa78f1e1ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f8fe2f78bb86d228cf165eb31101fd4
0ac6629b0ffb8a8027df8a70b2a8fe704e7d16b2
4ce9bc42db1dd638919faadfc32802e2b6289de61d1427dd8fd43f4d00e6eac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5b78c3c-24c2-48f2-958f-cdfa78f1e1ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7506
x-amzn-requestid: 7f47b055-78b2-4323-b1b8-026c463ab255
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOKjKFKcIAMF_hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639bf147-66522f1e3abeb31450af768f;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 04:17:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nvXhZneb6zc0nczspwnytmWMFDmrfqKk9eOwQVES912ftd_AkUvJ0g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 17:40:45 GMT
age: 24021
etag: "0ac6629b0ffb8a8027df8a70b2a8fe704e7d16b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
216.58.207.228200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (1654)
Hash a230d90d4cbc810710479aa22bf8e7d7
6cf80adbb744cea7f99dceeb4895de23c9f7ad26
291b67426b9fa61219253b7c6ccfe3c85a67ca150de809edb029f1ea3fdbfb97
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 17 Dec 2022 00:21:06 GMT
expires: Sat, 17 Dec 2022 00:21:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7620521014390440643
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a3a7ef8028514bc1687afffd5ab8748
c1258c5dc821250f9d2b80915d1fb3145e4f9f25
4fa357165b12c8bf9dcb1787c656e116ddfb741ca49738f124b949d120c39b65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0451e9f8-3fd9-47fc-b514-43008f53c76c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 20133c00-b720-4267-af84-ee1d25badc82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c3fOpFw3IAMFkog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6392df2a-5bb082715c5a4c0a6f305988;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 07:09:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PkDXWyvIIGFLbhg_7l4f0w_dUNLdPnpK2bmJ8SikItBULsUlaTjB7A==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 03:35:11 GMT
age: 74755
etag: "c1258c5dc821250f9d2b80915d1fb3145e4f9f25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86be9c16e4a62785e7f3a0cc8a956143
6cac191c918ff47d3e66e327e8c8a9c0fec9a88b
81dfec15eb1dc19acae5071663b9deaa9fa11f00378e36871c5b31a548a0626b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8002
x-amzn-requestid: bcaeff23-947f-441a-8aea-1e0d54f2cc3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjD7GjdoAMFVIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54c-5fb0d9d76945c4f63d210806;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iWxLKwjIxP-hiy4A3yvosYlQAzRu0STuwy4K9LuqK77WphLXQH9m6A==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 9647
etag: "6cac191c918ff47d3e66e327e8c8a9c0fec9a88b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3a453614ab648cb8db9d907c28c92dbb
73cfbea316527ded36c3fedb780eeefededb519d
639c7fe31bc216af691bff15dcd0a0a93dbffa0f650aa14dcf250660a9a36b2c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110411
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Etag: "639c17bd-1d7"
Expires: Sun, 18 Dec 2022 07:01:17 GMT
Last-Modified: Fri, 16 Dec 2022 07:01:17 GMT
Server: nginx
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2dfba0647b4a8d12898d22e0ade84711
337999fec09d84544c7e8ccc5132c22aecb7c627
59a493558a1241f04e38269c4643375a594524bf7f76f139661c5cf36df4e2da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6085eb00-52ff-4a58-911a-643f83befb1a.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6085eb00-52ff-4a58-911a-643f83befb1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c1242fcfdcc0d660643fdd840381276
373f442c8f29d0516d6e8ab0b300a4831507d097
7d3b391028766dc119f096bffc1b2b36a13e9e6704bd6f3ac2b6efaa14ddb10e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6085eb00-52ff-4a58-911a-643f83befb1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12793
x-amzn-requestid: 52a830a9-13d5-4266-8f42-a37cad561422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKtB9ENxIAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a8ed9-7e98fc9e2daba0d43238b6d3;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:04:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xUtUmKLbDlkvT2mfg7Tw3fDhhNeIQZncEWkd4PwPLjFQkQvk_pq4BQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 03:35:12 GMT
age: 74754
etag: "373f442c8f29d0516d6e8ab0b300a4831507d097"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CrmrekFQeOTjAkIBgbGSNGN66ysdrtGK1uuzJV-b6nB1WFrOrtf1OA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
age: 9647
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab6b11b4-c340-467a-968f-ff8dff9eae90.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab6b11b4-c340-467a-968f-ff8dff9eae90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2c81b67adbfb8bf94378229e1edcfd8
4f8f964aa0b97794efa025d7dab09e802205ab26
1d2eba6d15e288a1ca66f0f3c6c055d7e390323bd0a8c9030ab528499b6503cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab6b11b4-c340-467a-968f-ff8dff9eae90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5851
x-amzn-requestid: 80799fe1-b9bf-4f9d-a5d0-18caae663a7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC5GeFIAMF_SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-3db2e2d50b3a2a6865b56e3e;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YLsxuwuas79rrcMWXiFPhFxtR9qQhVp763LFbrYsCW6L_R8ZiWr2jA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:28 GMT
age: 9638
etag: "4f8f964aa0b97794efa025d7dab09e802205ab26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2dfba0647b4a8d12898d22e0ade84711
337999fec09d84544c7e8ccc5132c22aecb7c627
59a493558a1241f04e38269c4643375a594524bf7f76f139661c5cf36df4e2da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
104.17.209.240200 OK 35 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
IP 104.17.209.240:0
File type JSON data\012- , ASCII text, with very long lines (18586), with no line terminators
Hash 01d433b03446a9041501f179d9f922e3
43c8fe55360c473308f09052d66a7a9ad911caea
db7ef4d52d88e52653884392376cc66ceaaf200b07b0ecbae6ef8a5b01e958a1
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 82
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 00:21:05 GMT
content-type: application/json
cf-ray: 77ab7f26ade00b39-OSL
access-control-allow-origin: https://updatepostecanada.ca
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 73875290be6be786
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1671236462119&url=https%3A%2F%2Fupdatepostecanada.ca%2F
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1671236462119&url=https%3A%2F%2Fupdatepostecanada.ca%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1671236462119&url=https%3A%2F%2Fupdatepostecanada.ca%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&e7a429c8-5867-4fbc-833a-68caf68a5381"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 17-Dec-2023 00:21:06 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2460:u=1:x=1:i=1671236466:t=1671322866:v=2:sig=AQGPLPhi_7mNMN1xRno0Tj9c2hLQUwaa"; Expires=Sun, 18 Dec 2022 00:21:06 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXv+w/rfhTHMIFWM7FerQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BF60F75D15354AB79073EF08D0D17D58 Ref B: OSL30EDGE0214 Ref C: 2022-12-17T00:21:06Z
date: Sat, 17 Dec 2022 00:21:05 GMT
content-length: 0
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1671236463298&ns_c=UTF-8&c7=https%3A%2F%2Fupdatepostecanada.ca%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9=
143.204.55.8204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1671236463298&ns_c=UTF-8&c7=https%3A%2F%2Fupdatepostecanada.ca%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9=
IP 143.204.55.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1671236463298&ns_c=UTF-8&c7=https%3A%2F%2Fupdatepostecanada.ca%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 17 Dec 2022 00:21:06 GMT
set-cookie: UID=101a2a3728424f80f7e51b41671236466; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aIA3jY8KugFksV7ex1BKgOLQx0_gZC3DSFQhdkszzeoKMUUAajnL1Q==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/favicon.ico
23.61.214.200200 OK 15 kB URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/favicon.ico
IP 23.61.214.200:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b97eafae41beb90b3c3279fb07fdbc45
705234c0d283026cd13a35df046840f0aad05003
79abb9bc30ff5a68612b4e0967806186ed604f2dea0113e41e6069d6673b8a2b
GET /cpc/assets/cpc/img/logos/favicon.ico HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 15086
Content-Type: image/x-icon
ETag: "596e5822-3aee"
Last-Modified: Tue, 18 Jul 2017 18:49:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 06 Jun 2022 13:09:53 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Date: Sat, 17 Dec 2022 00:21:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=41659159492178917272350436232787814595&ts=1671236463449
52.19.242.51200 OK 306 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=41659159492178917272350436232787814595&ts=1671236463449
IP 52.19.242.51:0
File type JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Hash 60830d6c05c32ce73406eec18320b13f
1318f1c3be3965cdacb171eae9723c1f3ed548fa
2588939d2523b51b5807de4fa7fb0ff4e9f2adda95c366bd35b5b5a89bcc7d0b
GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=41659159492178917272350436232787814595&ts=1671236463449 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://updatepostecanada.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0284b356a.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=41682944839557909922348313331823385052; Max-Age=15552000; Expires=Thu, 15 Jun 2023 00:21:06 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 4XJiMEOrQRY=
Content-Length: 306
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671236463368&cv=9&fst=1671236463368&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671236463368&cv=9&fst=1671236463368&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2599), with no line terminators
Hash d0c6f00661a71f13bd1b7c5138527cf4
181ecfa9bbd329c0299e96f84013dc5d11fb67a2
3adb5f49503de5ae214554629710662e032bd01832115413137659680c65c7ce
GET /pagead/viewthroughconversion/1011747518/?random=1671236463368&cv=9&fst=1671236463368&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 00:36:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671236463364&cv=9&fst=1671236463364&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 968 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671236463364&cv=9&fst=1671236463364&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2253), with no line terminators
Hash ed20418ed94982b8a230cf1cf5b12ce7
e1124d4f3f9bef804aa1f8013f02d291a5fa95e4
4a3eff6ff18dc5e4cd79b16109a71b1d89c9f4b86d202f1d2170068709153b23
GET /pagead/viewthroughconversion/1011747518/?random=1671236463364&cv=9&fst=1671236463364&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 968
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 00:36:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1671236463380&cv=9&fst=1671236463380&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 973 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1671236463380&cv=9&fst=1671236463380&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2259), with no line terminators
Hash 8b184831c3a8e0d6acd2f3ae1671035f
70fb3baf4e78bd92aacb07ee508b9721b7d472eb
3c47041753c8786811ce20f147d262b0d6cb14044b1c10aaa17ead766ea09776
GET /pagead/viewthroughconversion/10937558046/?random=1671236463380&cv=9&fst=1671236463380&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 973
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 00:36:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671236463370&cv=9&fst=1671236463370&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 972 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671236463370&cv=9&fst=1671236463370&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2257), with no line terminators
Hash 8ab688002a64cf9ece622792777fe1cb
4aaaf3d6e50ac79d670f3c87154b28547b91e564
2ba4bb7d94b601802bccfe990a565cc03b2662711591a7388c24bbfe809f91c3
GET /pagead/viewthroughconversion/1011747518/?random=1671236463370&cv=9&fst=1671236463370&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 972
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 00:36:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1671236463377&cv=9&fst=1671236463377&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 972 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1671236463377&cv=9&fst=1671236463377&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2259), with no line terminators
Hash 280e8aa6e91aa4608cfd6550965d0200
d12bd05e2a1a0d12acc075b770ca3aa4425211eb
10afc617b9a5098ac83381d946e4b8a4e5a8d04fe79610d8ed7a48e67c4b5b56
GET /pagead/viewthroughconversion/10937558046/?random=1671236463377&cv=9&fst=1671236463377&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 972
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 00:36:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671236463371&cv=9&fst=1671236463371&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
216.58.207.226200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671236463371&cv=9&fst=1671236463371&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 216.58.207.226:0
File type ASCII text, with very long lines (2599), with no line terminators
Hash 4bbcc7e45f265661e6eb201b4617ef14
575d40eb2a425f2e22a1bd02ee2c9534c1659b73
f88b9e70eb3f20b1db3c287c992eda89573cf9a6a0714edfd236a54048f0014e
GET /pagead/viewthroughconversion/1011747518/?random=1671236463371&cv=9&fst=1671236463371&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=117921188.1671236462&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 00:36:06 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.linkedin.oribi.io/partner/9198/domain/updatepostecanada.ca/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/9198/domain/updatepostecanada.ca/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
OPTIONS /partner/9198/domain/updatepostecanada.ca/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://updatepostecanada.ca/
Origin: https://updatepostecanada.ca
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sat, 17 Dec 2022 00:01:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EfLpHLH9RNo6VY-H5yIt3uFqiRr6fGpyvKbWh3tL2tH1tcsVP_mtXw==
age: 1178
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4bc6958887043441cd1d7dbd141bf356
318e931f54a9435c95a6f4a1f88c9c3adc5b3a3c
b4dac55cd75a1278372225f7a47d92e877055eca1c8ca82c976cb2cf6cfce838
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2104
Cache-Control: max-age=150664
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Etag: "639cacc2-1d7"
Expires: Sun, 18 Dec 2022 18:12:10 GMT
Last-Modified: Fri, 16 Dec 2022 17:37:06 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=af31878cf7944407884a62fa5eae21a6&mboxPC=&mboxPage=68bab9ad2c1943d48511d2dd000dd5ff&mboxRid=7d7064a148654382b3cda6d518151a5b&mboxVersion=1.8.3&mboxCount=1&mboxTime=1671236462458&mboxHost=updatepostecanada.ca&mboxURL=https%3A%2F%2Fupdatepostecanada.ca%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=7E8313A39A14E28F-441B05A1081356BC&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=41659159492178917272350436232787814595
3.248.54.74200 OK 96 B URL HTTP/2 canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=af31878cf7944407884a62fa5eae21a6&mboxPC=&mboxPage=68bab9ad2c1943d48511d2dd000dd5ff&mboxRid=7d7064a148654382b3cda6d518151a5b&mboxVersion=1.8.3&mboxCount=1&mboxTime=1671236462458&mboxHost=updatepostecanada.ca&mboxURL=https%3A%2F%2Fupdatepostecanada.ca%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=7E8313A39A14E28F-441B05A1081356BC&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=41659159492178917272350436232787814595
IP 3.248.54.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3703a322577e662b4aa12d2682cee0e9
7876cdc65d408b34b075fc9837b3027cf0ba820e
95c610055dd21b6ed0afb2461c4ba6c7b3b8b6cade76899b2284b9b80be48e37
GET /m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=af31878cf7944407884a62fa5eae21a6&mboxPC=&mboxPage=68bab9ad2c1943d48511d2dd000dd5ff&mboxRid=7d7064a148654382b3cda6d518151a5b&mboxVersion=1.8.3&mboxCount=1&mboxTime=1671236462458&mboxHost=updatepostecanada.ca&mboxURL=https%3A%2F%2Fupdatepostecanada.ca%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=7E8313A39A14E28F-441B05A1081356BC&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=41659159492178917272350436232787814595 HTTP/1.1
Host: canadapost.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 00:21:06 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://updatepostecanada.ca
access-control-allow-credentials: true
x-request-id: 7d7064a148654382b3cda6d518151a5b
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.8200 OK 1.9 kB URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.8:0
Hash 0e41b8b430b7e22b89b770bb5743817c
a5753451387b8308542ec34eddd9595d88dea531
916553ef19f58fce27413d4f1ee55394fe57085abf879089a70719b3c49c9fe2
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 16 Dec 2022 06:23:39 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -CFDaw6K0Uod2S-wUAy83QBzNC93i6Ij6UvhmghIHAvEQx863WNyOA==
age: 64649
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1011747518/?random=1671236463368&cv=9&fst=1671235200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1205432863&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1671236463368&cv=9&fst=1671235200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1205432863&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1671236463368&cv=9&fst=1671235200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1205432863&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1671236463371&cv=9&fst=1671235200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1175472234&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1671236463371&cv=9&fst=1671235200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1175472234&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1671236463371&cv=9&fst=1671235200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1175472234&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10937558046/?random=1671236463380&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2229039166&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10937558046/?random=1671236463380&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2229039166&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1671236463380&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2229039166&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1671236463364&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=58784054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1671236463364&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=58784054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1671236463364&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=58784054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1671236463370&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=4141182724&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1671236463370&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=4141182724&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1671236463370&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=4141182724&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
canadapost.demdex.net/dest5.html?d_nsid=0
52.17.126.234200 OK 2.8 kB URL HTTP/1.1 canadapost.demdex.net/dest5.html?d_nsid=0
IP 52.17.126.234:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: canadapost.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 17 Dec 2022 00:21:06 GMT
DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: ymAORzhaRx8=
Content-Length: 2791
Connection: keep-alive
www.google.no/pagead/1p-user-list/10937558046/?random=1671236463377&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3611102505&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10937558046/?random=1671236463377&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3611102505&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1671236463377&cv=9&fst=1671235200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fupdatepostecanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3611102505&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 00:21:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s44186626197408?AQB=1&ndh=1&pf=1&t=17%2F11%2F2022%200%3A21%3A3%206%200&sdid=7E8313A39A14E28F-441B05A1081356BC&mid=41659159492178917272350436232787814595&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fupdatepostecanada.ca%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=updatepostecanada.ca&events=event96%3D12&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=updatepostecanada.ca&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=updatepostecanada.ca&v24=updatepostecanada.ca&v30=D%3Dv122&c34=19%3A00&v34=19%3A00&c35=Friday&v35=Friday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fupdatepostecanada.ca%2F&c72=12&v85=Saturday%202022-12-17&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s44186626197408?AQB=1&ndh=1&pf=1&t=17%2F11%2F2022%200%3A21%3A3%206%200&sdid=7E8313A39A14E28F-441B05A1081356BC&mid=41659159492178917272350436232787814595&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fupdatepostecanada.ca%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=updatepostecanada.ca&events=event96%3D12&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=updatepostecanada.ca&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=updatepostecanada.ca&v24=updatepostecanada.ca&v30=D%3Dv122&c34=19%3A00&v34=19%3A00&c35=Friday&v35=Friday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fupdatepostecanada.ca%2F&c72=12&v85=Saturday%202022-12-17&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s44186626197408?AQB=1&ndh=1&pf=1&t=17%2F11%2F2022%200%3A21%3A3%206%200&sdid=7E8313A39A14E28F-441B05A1081356BC&mid=41659159492178917272350436232787814595&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fupdatepostecanada.ca%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=updatepostecanada.ca&events=event96%3D12&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=updatepostecanada.ca&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=updatepostecanada.ca&v24=updatepostecanada.ca&v30=D%3Dv122&c34=19%3A00&v34=19%3A00&c35=Friday&v35=Friday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fupdatepostecanada.ca%2F&c72=12&v85=Saturday%202022-12-17&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1 HTTP/1.1
Host: sslstats.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 17 Dec 2022 00:21:06 GMT
expires: Fri, 16 Dec 2022 00:21:06 GMT
last-modified: Sun, 18 Dec 2022 00:21:06 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3588952983205249024-4619740729771253204
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 00:21:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 598c54ccef3aeb519adff05ff8773be1
1372acb8de8613c15c97c6c3250aad1c8bb47cb8
6784f3f6ac1ee62a3310a8e70a3b6f0215fb72043a899b9de5d91aaa6ab10e63
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136667
Date: Sat, 17 Dec 2022 00:21:06 GMT
Etag: "639c7a28-1d7"
Expires: Sun, 18 Dec 2022 14:18:53 GMT
Last-Modified: Fri, 16 Dec 2022 14:01:12 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ccKJY0DEU6C7RySGDP2W5d7XVrqdVY2f917TGhbEjVVSdrXcWxuUhA==
Age: 1061
cm.everesttech.net/cm/dd?d_uuid=41682944839557909922348313331823385052
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=41682944839557909922348313331823385052
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=41682944839557909922348313331823385052 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sat, 17 Dec 2022 00:21:06 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y50LcgAAANoLUQOV; Domain=.everesttech.net; Expires=Sun, 17-Dec-2023 00:21:06 GMT; Path=/
everest_session_v2=Y50LcgAAANoLUgOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y50LcgAAANoLUQOV
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y50LcgAAANoLUQOV
52.19.242.51302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y50LcgAAANoLUQOV
IP 52.19.242.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y50LcgAAANoLUQOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://updatepostecanada.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0ff225fd5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y50LcgAAANoLUQOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=83040709609492502171537060940144530071; Max-Age=15552000; Expires=Thu, 15 Jun 2023 00:21:07 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8oBLbYMVQq8=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y50LcgAAANoLUQOV
52.19.242.51200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y50LcgAAANoLUQOV
IP 52.19.242.51:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y50LcgAAANoLUQOV HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://updatepostecanada.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 3T/kb8E5Rmw=
Content-Length: 59
Connection: keep-alive
siteintercept.qualtrics.com/dxjsmodule/1.7d5648fd7c0291d649aa.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.7d5648fd7c0291d649aa.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.209.240:0
GET /dxjsmodule/1.7d5648fd7c0291d649aa.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 00:21:07 GMT
content-type: application/javascript
cf-ray: 77ab7f30cc100b39-OSL
access-control-allow-origin: *
age: 232481
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"73bc-184eb224ae0"
last-modified: Wed, 07 Dec 2022 05:50:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29628
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/9198/domain/updatepostecanada.ca/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/9198/domain/updatepostecanada.ca/token
IP 54.230.111.112:0
GET /partner/9198/domain/updatepostecanada.ca/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://updatepostecanada.ca
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sat, 17 Dec 2022 00:01:28 GMT
access-control-allow-origin: *
cache-control: public, max-age=10064
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o2vt-oR-_WvIJPnFUjs0ppbukOpxY8jdn5EyapgVVmKp_tb9h6VO0A==
age: 1178
X-Firefox-Spdy: h2
updatepostecanada.ca/file/js(1)
91.229.90.152200 OK 0 B URL HTTP/2 updatepostecanada.ca/file/js(1)
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /file/js(1) HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1a1ac-6319aefe-a15312c4bef5f44d;;;"
accept-ranges: bytes
content-length: 106924
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Dec 2022 00:21:05 GMT
date: Sat, 17 Dec 2022 00:21:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.209.240:0
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 00:21:07 GMT
content-type: application/javascript
cf-ray: 77ab7f307bd40b39-OSL
access-control-allow-origin: *
age: 232482
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19ba5-184eb224ae0"
last-modified: Wed, 07 Dec 2022 05:50:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105381
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
updatepostecanada.ca/file/js
91.229.90.152200 OK 0 B URL HTTP/2 updatepostecanada.ca/file/js
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /file/js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "263c8-6319aefe-d797ae00f37b7363;;;"
accept-ranges: bytes
content-length: 156616
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fupdatepostecanada.ca%2F&t=1671236463978
104.17.209.240200 OK 0 B URL HTTP/2 zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fupdatepostecanada.ca%2F&t=1671236463978
IP 104.17.209.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fupdatepostecanada.ca%2F&t=1671236463978 HTTP/1.1
Host: zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 00:21:07 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 77ab7f2fab4f0b39-OSL
access-control-allow-origin: *
age: 329491
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-GU0FAth0DUxdI3/tV1rpl6wukyo"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
updatepostecanada.ca/file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
91.229.90.152200 OK 0 B URL HTTP/2 updatepostecanada.ca/file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js HTTP/1.1
Host: updatepostecanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://updatepostecanada.ca/
Cookie: PHPSESSID=2bfcf33a954edc497cb86e62b1add9e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 00:21:05 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "96be1-6319aefe-36ed477f0cf99c1a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 219464
date: Sat, 17 Dec 2022 00:21:05 GMT
server: LiteSpeed
X-Firefox-Spdy: h2