www.updatepostecanada.com/
91.229.90.152301 Moved Permanently 707 B URL HTTP/1.1 www.updatepostecanada.com/
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET / HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 17 Dec 2022 13:47:02 GMT
server: LiteSpeed
location: https://www.updatepostecanada.com/
vary: User-Agent
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2636
Expires: Sat, 17 Dec 2022 14:30:58 GMT
Date: Sat, 17 Dec 2022 13:47:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11164
Expires: Sat, 17 Dec 2022 16:53:06 GMT
Date: Sat, 17 Dec 2022 13:47:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7331
Expires: Sat, 17 Dec 2022 15:49:13 GMT
Date: Sat, 17 Dec 2022 13:47:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 17 Dec 2022 13:45:21 GMT
content-type: application/json
age: 101
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cOP1nwwcxFQ+AxkD2l8DimiUS8BLtC9qLiZd1OmzvQdBiePNh6MzYgApLxep4OK22HeeEOOqBY06p8MUEM9QGg==
x-amz-request-id: TMTK1AK9XQKB7AP6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 17 Dec 2022 12:53:39 GMT
age: 3203
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 13:47:02 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bb0db61bf75a293d1dcf1c3e6d6e28d4
6017f98b94ffb8baf55d5dc24de7380230aa1d16
c3d65f3f9139c49949b0a1f14fe7780262b498311c6f543909313f48500b3d51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3D65F3F9139C49949B0A1F14FE7780262B498311C6F543909313F48500B3D51"
Last-Modified: Thu, 15 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Sat, 17 Dec 2022 19:46:15 GMT
Date: Sat, 17 Dec 2022 13:47:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 13:33:23 GMT
age: 820
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d1752cd6eb7f48e7494373911a5b996
43d9c23c4d03cccce0fc478f0e12c0874dc762fd
aded7fd1d638c001b0b462fdfeee0549d2ed61b51ced88eb83690e2e20ed36d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4459
Cache-Control: max-age=160447
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:03 GMT
Etag: "639d86ab-1d7"
Expires: Mon, 19 Dec 2022 10:21:10 GMT
Last-Modified: Sat, 17 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.updatepostecanada.com/file/foundation-config.css
91.229.90.152200 OK 27 B URL HTTP/2 www.updatepostecanada.com/file/foundation-config.css
IP 91.229.90.152:0
File type ASCII text, with no line terminators
Hash 235e981df1f4eedaa0589ffda58717d6
d7e9f36ce7e793910b1cb8b3df49c60cd162a4f9
6ab579f7452650aa72688543ccc21851e03c767a3f04669321da4476e4f50ba0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/foundation-config.css HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "1b-6319aefc-d4b2b4f30ecac256;;;"
accept-ranges: bytes
content-length: 27
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/foundation.css
91.229.90.152200 OK 21 kB URL HTTP/2 www.updatepostecanada.com/file/foundation.css
IP 91.229.90.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ecfa358523b89d4177ab5ef79e1034b9
1588304a284720f99380c5918496d9c39d78c7fd
aaeb42674f952520497dfb75f25aa78f1b4e1caf53ce50afd5629edf89e0b0e2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/foundation.css HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "18d9e-6319aefc-67a00c2112f23b2e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 20922
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/normalize.css
91.229.90.152200 OK 995 B URL HTTP/2 www.updatepostecanada.com/file/normalize.css
IP 91.229.90.152:0
File type ASCII text, with very long lines (2011)
Hash fb47db9a73e62c29983c97245ff1a0b1
1d8e7bd48874522b8979c9ab2ae9ef09d3a6cf39
af66e48b3dde10dd39f871e0cd4326b1e3a5de75831584c7bab725c6bee03037
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/normalize.css HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "7dc-6319aefc-4469a55a7dbf18be;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 995
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/cpc-main.css
91.229.90.152200 OK 106 kB URL HTTP/2 www.updatepostecanada.com/file/cpc-main.css
IP 91.229.90.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106391 bytes)
Hash 9d58a121cd7ad1bdd9538b2277109543
db0207b056b2b778b61fb6e990bf5ed3b3925026
d70ffbd592c403179b5912e0540969e4bacb22996f7eee7229914ae1406c2e91
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/cpc-main.css HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "73970-6319aefc-b2d55d46c5d42317;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 106391
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/tools.css
91.229.90.152200 OK 1.1 kB URL HTTP/2 www.updatepostecanada.com/file/tools.css
IP 91.229.90.152:0
File type ASCII text, with CRLF line terminators
Hash f5c6a9a90cfaa8d0029a002047a15424
f086faefa9b3253507e739bdc27a7f3e8f8af687
16e3163fa66145a0c0faab909279df764a8b0dce5ed8f8e76cde383f89da6b3b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/tools.css HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 09:18:46 GMT
etag: "c74-6319b376-bbdc0dc38f180b6e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1132
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/beacon.js
91.229.90.152200 OK 2.0 kB URL HTTP/2 www.updatepostecanada.com/file/beacon.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (3936)
Hash cc337805f6ac7780832182130c1a7df7
1bff753e2dd2c04f8491c222cba4a0def7a41b59
e9846109d7ee4d10d6f3fa458da8a7b992beca036eed5d461a466e3e08445d4f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/beacon.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "f61-6319aefc-e260f03f5a22d1bd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1969
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/f.txt
91.229.90.152200 OK 20 kB URL HTTP/2 www.updatepostecanada.com/file/f.txt
IP 91.229.90.152:0
File type ASCII text, with very long lines (1623)
Hash 0dfb86abfc05e7ec1e890311b24c4a39
aa8a4c0e356fa9c6699f66d952bd5640b9b6b365
4382b1d5203f422b6bffaa6f9b52f406a86b12615fa7692d378c95d41baa9596
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/f.txt HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "a422-6319aefc-d3cb457cfdd4a119;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 19595
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/insight.min.js
91.229.90.152200 OK 3.4 kB URL HTTP/2 www.updatepostecanada.com/file/insight.min.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (7751)
Hash 8db1005349ab554c09a98451fca04c6a
4e1318838a0869ebe3c0d6092042638044820b37
68b9c58408ccfcb50e671216c0f7d8bc868aa9a17ac5fc309c5f15b238f61ed0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/insight.min.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1e48-6319aefe-6ea26168a0fc6ed2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3363
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/614267586032718
91.229.90.152404 Not Found 708 B URL HTTP/2 www.updatepostecanada.com/file/614267586032718
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/614267586032718 HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/fbevents.js
91.229.90.152404 Not Found 708 B URL HTTP/2 www.updatepostecanada.com/file/fbevents.js
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/fbevents.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/modernizr.js
91.229.90.152200 OK 5.9 kB URL HTTP/2 www.updatepostecanada.com/file/modernizr.js
IP 91.229.90.152:0
File type Unicode text, UTF-8 text, with very long lines (12268)
Hash 45160d49cd70dfe6668255a450fdc0ee
dc6eaef70081628ded73ae5e04ad1993e7ff212e
31ad73b5011ba424c06fa79b72a8738c69db877c3203e1bedd6ff55e18d1d267
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/modernizr.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "30f0-6319aefe-17d68fc37eb16546;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5906
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/foundation.reveal.js
91.229.90.152200 OK 5.1 kB URL HTTP/2 www.updatepostecanada.com/file/foundation.reveal.js
IP 91.229.90.152:0
Hash 423a71ff03b19e39f33eec3ae8c9c31f
fd757da4b47c842ee4f1bac9cc5d5452a032b00f
e65f608f6c442d9dad3dd67feae03d90942bb211bba47e6c8b085e5e15641d9d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/foundation.reveal.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "4135-6319aefe-87f3aae49e3e01c4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5086
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/tools.js
91.229.90.152200 OK 122 B URL HTTP/2 www.updatepostecanada.com/file/tools.js
IP 91.229.90.152:0
Hash 0a55a61bc65245a773a3253aaf81e4f6
a2fd9ce6d25635b2138e640956c41fd65652f792
1e35a7196a71189199f08214fa6a5226661be7437810c6851a75e80e26bbe112
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/tools.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "7a-6319aefe-9569c152a55f68d6;;;"
accept-ranges: bytes
content-length: 122
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/postal-guide.css
91.229.90.152200 OK 219 B URL HTTP/2 www.updatepostecanada.com/file/postal-guide.css
IP 91.229.90.152:0
Hash 2ee5ed7bd5030d2f8dce54670cf71745
5bfe846bb5ae8bfcb6246274559bea3cab9c8d78
43c1972f25c54d62c69c95d129d60ad4ac4c5b56cbd125e83169fd43fabffc7b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/postal-guide.css HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 09:26:50 GMT
etag: "177-6319b55a-15afb76bd3bd2ae0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 219
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/styles.css
91.229.90.152200 OK 16 kB URL HTTP/2 www.updatepostecanada.com/file/styles.css
IP 91.229.90.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b9a0b278b86c1dfa2284228bf00c6260
2fc88034544b6640a1095db0a2ab2d6d55bf2b85
72cff4200659ac6b8367aacd599eded7d951844cda65f80ee6276ca24102e9e7
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/styles.css HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "126b5-6319aefe-2a2bc23e4a0c244e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16124
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/uwt.js
91.229.90.152200 OK 22 kB URL HTTP/2 www.updatepostecanada.com/file/uwt.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash db2c157d6cc3fab7a1fda4ab2d05d979
e08005545c250c9211619a318e73b97cecc82af6
33340d1e06484b7a9e881f46816c9dd2533ba24d3905c28c3c63fbd3b6d728f2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/uwt.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "e063-6319aefe-b0b7c67a60bd0d81;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21688
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/jquery.js
91.229.90.152200 OK 50 kB URL HTTP/2 www.updatepostecanada.com/file/jquery.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (65451)
Hash 4503e93081774c975267a43be4e6f6aa
908860266a381934f3a9db5237e2c91682a09747
f8c6b239bc7542f8aa64f9b514375ec235481533cd81281bbd5e28a842b03f4d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/jquery.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1b16c-6319aefe-68eccc0af9e706d3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 49513
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/foundation.min.js
91.229.90.152200 OK 37 kB URL HTTP/2 www.updatepostecanada.com/file/foundation.min.js
IP 91.229.90.152:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32024)
Hash f1b6d980c1b561066911d156489898c0
cd16908a596733dbda17291e685ce9c10c6c97da
8d5e71c86b4871e2eae33ebfdd220a275f9bc4a5012ae3b18b727729a0d01653
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/foundation.min.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "190a5-6319aefe-6403dd8bf2294a63;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 36779
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
91.229.90.152200 OK 36 kB URL HTTP/2 www.updatepostecanada.com/file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (32768)
Hash 06f4f95ab30fcb0c8dfdd2efe22a5dec
b8c2ccbfdb8a94770ffa1f0e6e06b40ca2ab86fe
eba4ca63e1147de229e605ca8d2989f990cb1337bfa0fd55d92e18c1f9b0233f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "14b27-6319aefe-8a9e3a90b0e45ad4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 36399
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/f(1).txt
91.229.90.152200 OK 1.2 kB URL HTTP/2 www.updatepostecanada.com/file/f(1).txt
IP 91.229.90.152:0
File type ASCII text, with very long lines (2402), with no line terminators
Hash 393ec35ff90e2758dbf9b112b9e06c5b
178c5426f0a547309a5ce601646d1e79d1508245
b49610c94d468aace72779c9c223d56e2a2a03215fd2d28991b2ad7c2d3f3cfe
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/f(1).txt HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "962-6319af00-d8c28d659646dd0f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1162
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/js(1)
91.229.90.152200 OK 107 kB URL HTTP/2 www.updatepostecanada.com/file/js(1)
IP 91.229.90.152:0
File type ASCII text, with very long lines (1615)
Size 107 kB (106924 bytes)
Hash 8db76da2ae8557f5ac7918807a8cfc0f
0538f9cd042428fb0552c10eb38eba3768f55bab
2a181651938ec7f59a29a52a9998392778602ae653f3ae7911de845986407e3f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/js(1) HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1a1ac-6319aefe-e88377baec14c06;;;"
accept-ranges: bytes
content-length: 106924
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/js(3)
91.229.90.152200 OK 107 kB URL HTTP/2 www.updatepostecanada.com/file/js(3)
IP 91.229.90.152:0
File type ASCII text, with very long lines (1615)
Size 107 kB (106890 bytes)
Hash 2872c8c0b367893cac4105e87dded92e
cc7495ce29491f93ce061609a1d0dfaed72bf58c
be497bd6cee5b026521ce6eb3c7937c84a02a83403a0417de3972f31116a4275
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/js(3) HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1a18a-6319aefe-6b3f6d1bb0064587;;;"
accept-ranges: bytes
content-length: 106890
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.163.114.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s9DE/SiN1xIJGSCBY4MLWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oV49IyJckLSSUSKMxT1MZKlXyEM=
www.updatepostecanada.com/file/f(3).txt
91.229.90.152200 OK 1.2 kB URL HTTP/2 www.updatepostecanada.com/file/f(3).txt
IP 91.229.90.152:0
File type ASCII text, with very long lines (2404), with no line terminators
Hash c75b6adc2c5861cd765bb75bc2365c0e
c22c68bdb2d2eb2a43c038e95af1fff3b901c11c
6f176d7bad9c26dfdc11a8381ebddb1f3de68f5dcdad4b8bc54aadd6512ed02d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/f(3).txt HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "964-6319af00-cefeb716a69e97ec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1156
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/11.4dc17d50d8eb18566aef.chunk.js
91.229.90.152200 OK 25 kB URL HTTP/2 www.updatepostecanada.com/file/11.4dc17d50d8eb18566aef.chunk.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (62147), with no line terminators
Hash af0ab8a976a04ea08c013ede72384e73
cc9137efa5cdc5e647f9c506e10ca3efa18032b3
f5ff7c8fd6f5b22a2f7e48fdd304ee0209e2a5cf95edb5a2e090fdb6ea69bbe2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/11.4dc17d50d8eb18566aef.chunk.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "f2c3-6319af00-9e471f50984fe049;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 24839
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/4.44a799399bc4cc3dbe48.chunk.js
91.229.90.152200 OK 898 B URL HTTP/2 www.updatepostecanada.com/file/4.44a799399bc4cc3dbe48.chunk.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (1754), with no line terminators
Hash 1268bd975575d5969b4043e17d2fba23
426c61e0634245b49d08ee91458b848b37b1191c
cccd50c685ee0ca9e9a98ffba83d0d92064356d634deabf2939fb874e641937c
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/4.44a799399bc4cc3dbe48.chunk.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "6da-6319af00-f8dc2b46e0477ac9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 898
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/cpc-main-logo.svg
91.229.90.152200 OK 4.4 kB URL HTTP/2 www.updatepostecanada.com/file/cpc-main-logo.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (730)
Hash 7fc2f945db9a6c10452a18e2fb92bd30
e475feef4386402d5cbf33f8a38b17c1c5e66fb0
acb22ee1d5ce6a1c38ca05e244e1ee0cbbb542129afb5bcc11b0624d3f38ad2a
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/cpc-main-logo.svg HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "3037-6319af00-c9d2f1848efbbb7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4448
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/cpc-logo.svg
91.229.90.152200 OK 643 B URL HTTP/2 www.updatepostecanada.com/file/cpc-logo.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash df833f86ada6b6b5c2ab913f76a8fdf6
a8597a83f5c06de28ea27ade309ecab2d1d49b91
def3a80251ace03c22a14d01843f43a094a66af9ceb3dca11c7e9af9c0d42049
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/cpc-logo.svg HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "3aa-6319af00-75ab1da5e5ce8383;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 643
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/search.svg
91.229.90.152200 OK 231 B URL HTTP/2 www.updatepostecanada.com/file/search.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash e71d66200332fb2074c6eb30b3e6d8fc
5cc824a4a6282ed31dda41a64f64ee9820133e0a
a2c9675a12b9534e0653ecc6596148aa77fa3f8ea6421608f3031501726933dc
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/search.svg HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "140-6319af00-7a721a28df05652a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 231
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/gov-canada-logo.svg
91.229.90.152200 OK 6.2 kB URL HTTP/2 www.updatepostecanada.com/file/gov-canada-logo.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2441)
Hash 1193ef2e5520c2168178eeaaa10dc6d3
330b20b7ef34e2be66827104970fa14eabc5e8f8
3f51e3a8aa85ec9fcf0f085f36a5d520b3d08d4a2598635a7eef659d1cff63f6
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/gov-canada-logo.svg HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "37b3-6319af04-931f4f4b9f01f243;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6245
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/analytics.js
91.229.90.152200 OK 1.4 kB URL HTTP/2 www.updatepostecanada.com/file/analytics.js
IP 91.229.90.152:0
File type exported SGML document, ASCII text, with very long lines (832)
Hash 910fb242023a230516a0fb4a832ec55a
c1dee3dd93ed3b36289983ff28366be3a72b479b
34639c7c4dddbebb37789413b1cd2e2e747ca9666d64a3efb8b366bcd12ef721
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/analytics.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "134d-6319af04-759403a78b7640fb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1408
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/adsct
91.229.90.152200 OK 43 B URL HTTP/2 www.updatepostecanada.com/file/adsct
IP 91.229.90.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/adsct HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "2b-6319af04-67b64c63eebf5008;;;"
accept-ranges: bytes
content-length: 43
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/adsct(1)
91.229.90.152200 OK 43 B URL HTTP/2 www.updatepostecanada.com/file/adsct(1)
IP 91.229.90.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/adsct(1) HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "2b-6319af04-53fe0ffcdf9e56e6;;;"
accept-ranges: bytes
content-length: 43
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/saved_resource
91.229.90.152200 OK 7.3 kB URL HTTP/2 www.updatepostecanada.com/file/saved_resource
IP 91.229.90.152:0
File type ASCII text, with very long lines (6801)
Hash fde0df82113bedc394515cb3fb9b9c06
1e20cf816b890a02e28e8302a93f253cfc2b04e1
0b4b7dfd734b2da1c4989692d27d514c18c0f7c452125db673dfe9e133b4f56b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/saved_resource HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "1c86-6319af04-ba258aa6cd9b3e07;;;"
accept-ranges: bytes
content-length: 7302
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/CoreModule.js
91.229.90.152200 OK 42 kB URL HTTP/2 www.updatepostecanada.com/file/CoreModule.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fd4e2e947aaee37543ef893459e0b58a
44ca11f4c25d63c1ee35f5c5e09ddc6d7bef2f28
5f80d9eb1e498fea9ca1847ddf3f6742cbd45ec24877f706350d9b75ef503560
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/CoreModule.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "197ac-6319af04-e34120dfd7d15831;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 41452
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/UserDefinedHTMLModule.js
91.229.90.152200 OK 2.4 kB URL HTTP/2 www.updatepostecanada.com/file/UserDefinedHTMLModule.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (6978), with no line terminators
Hash 88dc5dd79836a16ba727f57ca9db92e9
89d32abe957a7c1d7daf2a6e1bcc5a523b38a080
79e35c5308f3311bc956365c3a9f9bd681ec7ac75ebcf2478413e1b05b6b578f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/UserDefinedHTMLModule.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "1b42-6319af04-8af9d3d8477ebc41;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2431
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/ScreenCaptureModule.js
91.229.90.152200 OK 9.3 kB URL HTTP/2 www.updatepostecanada.com/file/ScreenCaptureModule.js
IP 91.229.90.152:0
File type ASCII text, with very long lines (25906), with no line terminators
Hash 7d37c983e2addaed3db8fbeaf1bc2baa
00ec7e248dd7afa7af37c61a9129a730e15538b3
4029192db3850e3bd56e43aab501e69bd7a9687807d386ad6691d0cabeb248ba
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/ScreenCaptureModule.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "6532-6319af04-7d21b6d7c353316a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9346
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/remove_screen_capture.png
91.229.90.152200 OK 857 B URL HTTP/2 www.updatepostecanada.com/file/remove_screen_capture.png
IP 91.229.90.152:0
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash e4387ea5cc65d51d08a60765f46cbbcb
f8314def36b28e99c28cda0f4369e4786bf18ca4
37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/remove_screen_capture.png HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: image/png
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "359-6319af04-71e1610bf46422df;;;"
accept-ranges: bytes
content-length: 857
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
Hash 6d888a788116a21f02ac13a0d6777e8e
968ded120b8dbf64bbef4618678422af282b0761
b313ceaefc9b631699e5212392a2d0935c71e6a3fa6339090673db613e184c54
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Dec 2022 13:47:03 GMT
date: Sat, 17 Dec 2022 13:47:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:33:54 GMT
expires: Thu, 14 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 238389
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash adcdbcc032f763fb6df3452d06cec25f
92a7bf8209930989013619971c6abf39b5c639d4
25ac98be2316dd7238a2ef038b27642270be777b7425bbfcdb1ca09f8bedcb5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-9852050
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 8c7ca2ea62b1c1c4fcde6cc7e51ccd9b
89fa4b8b411aa17e2060d26d147650b7fd68c340
7152e3c2a01105d241914de60c0487e7e3c465d09a191905b41048cfe3691ba3
GET /gtag/js?id=DC-9852050 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 13:47:03 GMT
expires: Sat, 17 Dec 2022 13:47:03 GMT
cache-control: private, max-age=900
last-modified: Sat, 17 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
2.18.172.233200 OK 29 kB URL HTTP/2 assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32768)
Hash 6dfcf60bb5658880c8e992bf1dbc87f1
d9ca4a3418547e13ea676f89ebb396698bbc8d4d
ef2a249ff0a3c5ada19a94f9c7b62014f5e5957a0e17695fd3b6d3d9ce406e32
GET /0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ba6bf7eaba51cdf2a7931c5056449aa7:1662066393.427966"
last-modified: Thu, 01 Sep 2022 21:06:33 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sat, 17 Dec 2022 14:47:03 GMT
date: Sat, 17 Dec 2022 13:47:03 GMT
content-length: 28612
access-control-allow-origin: https://www.updatepostecanada.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c28d8e0e24b5484f234063cc70733382
986091f68218cc884f8f67a9f441693e2dc3c237
b7b76113bd89cf0ba77b6534e36a3d930faece1ef724d469a949a22f99f49ee6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6089
Cache-Control: max-age=170742
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:03 GMT
Etag: "639da884-1d7"
Expires: Mon, 19 Dec 2022 13:12:45 GMT
Last-Modified: Sat, 17 Dec 2022 11:31:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:13 GMT
expires: Sat, 16 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 87231
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:34:15 GMT
expires: Thu, 14 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 238369
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:33:56 GMT
expires: Thu, 14 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 238388
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/open_in_a_new_window.svg
91.229.90.152404 Not Found 708 B URL HTTP/2 www.updatepostecanada.com/file/open_in_a_new_window.svg
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/open_in_a_new_window.svg HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/file/styles.css
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19344%7CvVersion%7C5.2.0; _gcl_au=1.1.2103685708.1671284821; at_check=true; s_vnc7=1671889620615%26vn%3D1; s_ivc=true; mbox=session#2a6db1ade950419785dadcb185cee85d#1671286681
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 17 Dec 2022 13:47:04 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4179a93a79f675c5335663f88d3f170a
979395cf1efc2123d7d402373067c2d2533f7103
9e0624913435fdd60bb407ddc631785822811de74538283ef0bb5af56fc0ba4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3352
Cache-Control: max-age=148547
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Etag: "639d5c83-1d7"
Expires: Mon, 19 Dec 2022 07:02:51 GMT
Last-Modified: Sat, 17 Dec 2022 06:06:59 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671284820580
52.30.48.135302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671284820580
IP 52.30.48.135:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671284820580 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.updatepostecanada.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671284820580
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=49363260328001740012250463993587126735; Max-Age=15552000; Expires=Thu, 15 Jun 2023 13:47:04 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: fF3dkCEKQYA=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671284820580
52.30.48.135200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671284820580
IP 52.30.48.135:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1671284820580 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.updatepostecanada.com
Content-Type: application/x-www-form-urlencoded
Referer: https://www.updatepostecanada.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.updatepostecanada.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0687cfe76.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: zZQy0uNzTTc=
Content-Length: 124
Connection: keep-alive
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
23.14.6.233200 OK 218 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
IP 23.14.6.233:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash d3a621feba2c9afadc8e74c4f71021e1
5364a043f80e5dcbc81b81e86d406eedfc1b69a4
9616a4bbe31bf59f3ec6fd4a9f237bfb89d3424a45238b625b7f1620377d5401
GET /cpc/assets/cpc/img/icons/search.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a621-140"
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Thu, 17 Jun 2021 09:00:48 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 218
Date: Sat, 17 Dec 2022 13:47:04 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 3173553819bf90d217e5ee0f9dfc99d9
af5f9e3dea1b0fb46b069810ff079bc38080cc25
49a7d4a347dae91d290a0f45f4fa93ba0c56c27fd0aa688b443b6bcb68161878
GET /gtag/js?id=DC-9852050&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 13:47:04 GMT
expires: Sat, 17 Dec 2022 13:47:04 GMT
cache-control: private, max-age=900
last-modified: Sat, 17 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
23.14.6.233200 OK 382 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
IP 23.14.6.233:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Hash b86b3f712d7d1224f22ce80ab788d8bc
1015427d965943c5acfda2a2b96174c96a30e715
827930f77d0aee840f92563e8da302b30e9f0b196f923edd0f6305faf4ae7df0
GET /cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a638-2d4"
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 07:02:38 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 382
Date: Sat, 17 Dec 2022 13:47:04 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 534517de7197b18f6a765e9a757c5adc
c34be0c2b74819341fb17bea644724b031f5cee0
8c393835d9a00aec5e1929d10a4a4b87e14adeb2615a55625640cf3f6e844ec0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Server: ECS (amb/6B93)
Content-Length: 471
www.updatepostecanada.com/file/building_preview.gif
91.229.90.152200 OK 12 kB URL HTTP/2 www.updatepostecanada.com/file/building_preview.gif
IP 91.229.90.152:0
File type GIF image data, version 89a, 113 x 108\012- data
Hash 3c3ba37130de5fe15faf97c18908283e
c15b49cb09745a9939315132e18f2e40fa2ccf22
9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/building_preview.gif HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:04 GMT
content-type: image/gif
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "3030-6319af04-5f9d993f695f3d3f;;;"
accept-ranges: bytes
content-length: 12336
date: Sat, 17 Dec 2022 13:47:04 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/saved_resource.html
91.229.90.152200 OK 26 kB URL HTTP/2 www.updatepostecanada.com/file/saved_resource.html
IP 91.229.90.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32924)
Hash bd35c29135a1af2708922bce6bdc10eb
bf4d2621c0aa9f0366b4db67fc59699462ab3e18
79296535da9a03c5824e273b2c290ffbb8425c271a8855dab876f80a8bac4b42
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/saved_resource.html HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19344%7CvVersion%7C5.2.0; _gcl_au=1.1.2103685708.1671284821; at_check=true; s_vnc7=1671889620615%26vn%3D1; s_ivc=true; mbox=session#2a6db1ade950419785dadcb185cee85d#1671286681
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 08 Sep 2022 09:31:06 GMT
etag: "dfa8-6319b65a-1d835e488cd0d4f2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 26501
date: Sat, 17 Dec 2022 13:47:04 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/tools_chevron.svg
91.229.90.152200 OK 1.2 kB URL HTTP/2 www.updatepostecanada.com/file/tools_chevron.svg
IP 91.229.90.152:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (443)
Hash 31042bee295d59e22e5b20bced44b471
cf537ec24af539f9efbf896c6a17a526f201f680
393bc7ef57877b4038d74f319b27953f00edac0a5b08a3089d8e822dba2efa61
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
fortinet Phishing
GET /file/tools_chevron.svg HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/file/tools.css
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19344%7CvVersion%7C5.2.0; _gcl_au=1.1.2103685708.1671284821; at_check=true; s_vnc7=1671889620615%26vn%3D1; s_ivc=true; mbox=session#2a6db1ade950419785dadcb185cee85d#1671286681
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:04 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 00:24:54 GMT
etag: "cf2-63193656-85de471562b256f9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1244
date: Sat, 17 Dec 2022 13:47:04 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.208.240200 OK 32 kB URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.208.240:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 16d82b4503a5a08c49c151d4501a8db4
3d53926a36c0b65fc81cffb4b054282419ec05c6
07d1def5c6dd20dbbf1e759e60faa46b533e890047ea23dbba16e156b97a514a
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:47:04 GMT
content-type: application/javascript
cf-ray: 77b01bc74879b4f3-OSL
access-control-allow-origin: *
age: 273874
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19abd-182d0e95990"
last-modified: Wed, 24 Aug 2022 17:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105149
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8444
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 13:47:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8444
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 13:47:04 GMT
Connection: keep-alive
www.updatepostecanada.com/file/stylesheet.css
91.229.90.152200 OK 46 kB URL HTTP/2 www.updatepostecanada.com/file/stylesheet.css
IP 91.229.90.152:0
File type Unicode text, UTF-8 text, with very long lines (559)
Hash ecf97ec8eb7cac32cfac8895eedc180c
23876e544c83043314cfd04300cadd25db5b6fcb
5cc44c0105308979daea3e15c524a33ad3a5949e23533a843590408df0f9365b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
openphish Canada Post
GET /file/stylesheet.css HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/file/saved_resource.html
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19344%7CvVersion%7C5.2.0; _gcl_au=1.1.2103685708.1671284821; at_check=true; s_vnc7=1671889620615%26vn%3D1; s_ivc=true; mbox=session#2a6db1ade950419785dadcb185cee85d#1671286681; s_gpv_url=https%3A%2F%2Fwww.updatepostecanada.com%2F; QSI_HistorySession=https%3A%2F%2Fwww.updatepostecanada.com%2F~1671284820915
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:04 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:50 GMT
etag: "29454-6319af06-5520fedb7c79bd1d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 45859
date: Sat, 17 Dec 2022 13:47:04 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c3454ef9b4c0d31eecf53e44471cecb
f1182e860380b637388fa7f90c36e0a8c9edd657
c474493452d48121f0050efdd197231909d3c9de0fccbe07bf5706162b848624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae934ee-7c6e-4784-90fd-ef6c864097ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7048
x-amzn-requestid: d2665a61-0c5f-429e-bd9c-f4c6aec4fe14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEvH6VIAMFd2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce551-65d1775b5f07d8bf10beae48;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJNyzGWhcttjEcjKD669XnGbW8WYV_WzKlei6kkoRjgFR2jAhMRBwQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:49:11 GMT
age: 57473
etag: "f1182e860380b637388fa7f90c36e0a8c9edd657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fdbd1e175352e7ec7dc2a25f04a5a9d
954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2
bdba0c3d4509764e87db688c1b8086c309f4a2cbe95d1f2130ce01d184f2fa17
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _2xwG3Jz7sG9b8-JqXhu2knuIO_AyHIjOQ2luKB9Tk9NZnFNv8b8iQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 22:01:03 GMT
age: 56761
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CrmrekFQeOTjAkIBgbGSNGN66ysdrtGK1uuzJV-b6nB1WFrOrtf1OA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 58005
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86be9c16e4a62785e7f3a0cc8a956143
6cac191c918ff47d3e66e327e8c8a9c0fec9a88b
81dfec15eb1dc19acae5071663b9deaa9fa11f00378e36871c5b31a548a0626b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65c9cdbb-21b2-465b-8f75-329260ada5cc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8002
x-amzn-requestid: bcaeff23-947f-441a-8aea-1e0d54f2cc3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjD7GjdoAMFVIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54c-5fb0d9d76945c4f63d210806;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lTaL4VGiiP30sAgykA1UmFV6qxCbS_3Aa5mXbKTwkG6deggokEkZFw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 22:01:03 GMT
age: 56761
etag: "6cac191c918ff47d3e66e327e8c8a9c0fec9a88b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.57200 OK 4.7 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.57:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13063)
Hash bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86252
date: Sat, 17 Dec 2022 13:47:04 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a49c10c60b31f85897b10f4ec4cf83
a36d1f2e9c383be9d1e8f3582e4245848c737942
96090cb245f690b7cc9a8b4cd11b6fbb1eede6e139f3a5485c8e58196024e7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8444
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 13:47:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f07a84becb488cb02572fe128497847b
980c7c7808e8df6ba78b8f2567640b7d8f8e05a1
586d4afd9c889128c22ba61144df743d70a65b7b75b07a96f2cda821db1503af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3694
x-amzn-requestid: 49e877d8-c2cd-4497-8658-385caa25a6ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEbHJNIAMF8Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54f-0c9c4b5d18502bdd5b3c9be9;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P_b17hLfntWIkfYHVfgiAvNgG0iZKOqFGLn8Tm56gD8E4NY9ftPYiQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 58005
etag: "980c7c7808e8df6ba78b8f2567640b7d8f8e05a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=43210982674820168081241383503604653047&ts=1671284821441
52.30.48.135200 OK 304 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=43210982674820168081241383503604653047&ts=1671284821441
IP 52.30.48.135:0
File type JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Hash dbf5833d22a1e5c4521963721443e57a
0e249284c2c732a49b76dbb17870543e97724158
5ed2aa243c9ba00828fc9f3f3215b8db7876f019d394fa6801b36170f90f4f79
GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=43210982674820168081241383503604653047&ts=1671284821441 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.updatepostecanada.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=43231920283054072871239273283795380968; Max-Age=15552000; Expires=Thu, 15 Jun 2023 13:47:04 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 5sf3uvunSLs=
Content-Length: 304
Connection: keep-alive
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/favicon.ico
23.14.6.233200 OK 15 kB URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/favicon.ico
IP 23.14.6.233:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b97eafae41beb90b3c3279fb07fdbc45
705234c0d283026cd13a35df046840f0aad05003
79abb9bc30ff5a68612b4e0967806186ed604f2dea0113e41e6069d6673b8a2b
GET /cpc/assets/cpc/img/logos/favicon.ico HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 15086
Content-Type: image/x-icon
ETag: "596e5822-3aee"
Last-Modified: Tue, 18 Jul 2017 18:49:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 06 Jun 2022 13:09:53 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Date: Sat, 17 Dec 2022 13:47:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8444
Expires: Sat, 17 Dec 2022 16:07:48 GMT
Date: Sat, 17 Dec 2022 13:47:04 GMT
Connection: keep-alive
www.google.com/pagead/conversion_async.js
142.250.74.132200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1654)
Hash a230d90d4cbc810710479aa22bf8e7d7
6cf80adbb744cea7f99dceeb4895de23c9f7ad26
291b67426b9fa61219253b7c6ccfe3c85a67ca150de809edb029f1ea3fdbfb97
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 17 Dec 2022 13:47:04 GMT
expires: Sat, 17 Dec 2022 13:47:04 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7620521014390440643
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fae5a52ce167de2a060dc814a744e98
4b108a79a4ad796a34f4b2b8950df907137680e3
61e1fe4a8c074a031e0628ca393449e42d70dcf3411481936c26c1fad7a5451b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F716d5374-26a4-47e3-9c6a-62120a177040.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9837
x-amzn-requestid: 7c104466-a4d8-4e03-94e6-79a18bd3bf54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjWiEMlIAMFaaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce5c3-4b0e776f4f0edd533795a6ee;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XlYdfi_9fWjFtw83t9kvwNEzkpJSpsCtlZS3RLmUkk6FZqzVDvaIOg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 22:00:56 GMT
age: 56768
etag: "4b108a79a4ad796a34f4b2b8950df907137680e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2dfba0647b4a8d12898d22e0ade84711
337999fec09d84544c7e8ccc5132c22aecb7c627
59a493558a1241f04e38269c4643375a594524bf7f76f139661c5cf36df4e2da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a49c10c60b31f85897b10f4ec4cf83
a36d1f2e9c383be9d1e8f3582e4245848c737942
96090cb245f690b7cc9a8b4cd11b6fbb1eede6e139f3a5485c8e58196024e7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2dfba0647b4a8d12898d22e0ade84711
337999fec09d84544c7e8ccc5132c22aecb7c627
59a493558a1241f04e38269c4643375a594524bf7f76f139661c5cf36df4e2da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com.hk/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2dfba0647b4a8d12898d22e0ade84711
337999fec09d84544c7e8ccc5132c22aecb7c627
59a493558a1241f04e38269c4643375a594524bf7f76f139661c5cf36df4e2da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4bc6958887043441cd1d7dbd141bf356
318e931f54a9435c95a6f4a1f88c9c3adc5b3a3c
b4dac55cd75a1278372225f7a47d92e877055eca1c8ca82c976cb2cf6cfce838
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4965
Cache-Control: max-age=105166
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Etag: "639cacc2-1d7"
Expires: Sun, 18 Dec 2022 18:59:50 GMT
Last-Modified: Fri, 16 Dec 2022 17:37:06 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2dfba0647b4a8d12898d22e0ade84711
337999fec09d84544c7e8ccc5132c22aecb7c627
59a493558a1241f04e38269c4643375a594524bf7f76f139661c5cf36df4e2da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1671284820308&url=https%3A%2F%2Fwww.updatepostecanada.com%2F
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1671284820308&url=https%3A%2F%2Fwww.updatepostecanada.com%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1671284820308&url=https%3A%2F%2Fwww.updatepostecanada.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&e02db5da-6219-4b0a-86cf-f2d57dae69c2"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 17-Dec-2023 13:47:04 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2438:u=1:x=1:i=1671284824:t=1671371224:v=2:sig=AQGcSNwS8mDPtN73mT5mhHXwOgpiqZya"; Expires=Sun, 18 Dec 2022 13:47:04 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXwBlJM5J28FYzj6cyabg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B183F7A8B3CF443CAE58BA97F6DC1026 Ref B: OSL30EDGE0421 Ref C: 2022-12-17T13:47:04Z
date: Sat, 17 Dec 2022 13:47:04 GMT
content-length: 0
X-Firefox-Spdy: h2
canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=2a6db1ade950419785dadcb185cee85d&mboxPC=&mboxPage=ca3d10115f7443ea824d3122294353b0&mboxRid=680d64bbb3f3405f9e262025706fd4a8&mboxVersion=1.8.3&mboxCount=1&mboxTime=1671284820617&mboxHost=www.updatepostecanada.com&mboxURL=https%3A%2F%2Fwww.updatepostecanada.com%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=329BC8CAF2313CC7-3E9F69C2FAE1BEF5&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=43210982674820168081241383503604653047
3.248.54.74200 OK 96 B URL HTTP/2 canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=2a6db1ade950419785dadcb185cee85d&mboxPC=&mboxPage=ca3d10115f7443ea824d3122294353b0&mboxRid=680d64bbb3f3405f9e262025706fd4a8&mboxVersion=1.8.3&mboxCount=1&mboxTime=1671284820617&mboxHost=www.updatepostecanada.com&mboxURL=https%3A%2F%2Fwww.updatepostecanada.com%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=329BC8CAF2313CC7-3E9F69C2FAE1BEF5&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=43210982674820168081241383503604653047
IP 3.248.54.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 30bc7ff88bc731d7589986b87abe5dd9
abd66a58d84aec9422c79960b5b37acb19a8e508
e476aab3f7e8c3d5b2e605dbfc9261efdb22feb78acc9947dafdebfcab32e7a8
GET /m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=2a6db1ade950419785dadcb185cee85d&mboxPC=&mboxPage=ca3d10115f7443ea824d3122294353b0&mboxRid=680d64bbb3f3405f9e262025706fd4a8&mboxVersion=1.8.3&mboxCount=1&mboxTime=1671284820617&mboxHost=www.updatepostecanada.com&mboxURL=https%3A%2F%2Fwww.updatepostecanada.com%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=329BC8CAF2313CC7-3E9F69C2FAE1BEF5&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=43210982674820168081241383503604653047 HTTP/1.1
Host: canadapost.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:47:04 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.updatepostecanada.com
access-control-allow-credentials: true
x-request-id: 680d64bbb3f3405f9e262025706fd4a8
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1671284821445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.updatepostecanada.com%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9=
143.204.55.8204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1671284821445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.updatepostecanada.com%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9=
IP 143.204.55.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1671284821445&ns_c=UTF-8&c7=https%3A%2F%2Fwww.updatepostecanada.com%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 17 Dec 2022 13:47:04 GMT
set-cookie: UID=1F812cd514dbd82e6fa45061671284824; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XuSDxHKDRpOuUMVa4xW6yyBgqwIJnNug9f3rUoQKRQJHpWi7jmAB1g==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1671284821530&cv=9&fst=1671284821530&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 976 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1671284821530&cv=9&fst=1671284821530&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2269), with no line terminators
Hash 5b868b9a5f9dcbc6607e3cc9e771c772
000b4177f4ada20df0a07cf3076d86a524594bc5
f31a6e6c8f691b817c1d093e1b78609fa34cb9c96c29fc4d30c7cae0d1ddf5dd
GET /pagead/viewthroughconversion/10937558046/?random=1671284821530&cv=9&fst=1671284821530&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 976
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 14:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671284821518&cv=9&fst=1671284821518&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 974 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671284821518&cv=9&fst=1671284821518&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2267), with no line terminators
Hash 692ec4606b80e6c00a0ba882938ebe43
32c1426005adaed0f8ab2c0d91d3c20e112df084
94ea5670ebfebbf0aca8037d336869ff2db94cd5dbbcb6374f2537cd3f1eebbd
GET /pagead/viewthroughconversion/1011747518/?random=1671284821518&cv=9&fst=1671284821518&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 974
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 14:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671284821526&cv=9&fst=1671284821526&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671284821526&cv=9&fst=1671284821526&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2609), with no line terminators
Hash 8b3de3fffc69535cb065e9a6a8c77897
37a5e9bcb6c463cab8f4eb0a7bf91aec2ccefc19
7688870a601d9b544e18059e64b62f3f17523682436d9c434f99a1ad40846cae
GET /pagead/viewthroughconversion/1011747518/?random=1671284821526&cv=9&fst=1671284821526&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1045
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 14:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671284821521&cv=9&fst=1671284821521&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671284821521&cv=9&fst=1671284821521&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2609), with no line terminators
Hash b6350434ffe7f716fdbc156595ccdd93
b1153f0c1ad7b49a9d396b27bf4f305e6499e454
3d66f23cf67e69c2ea7f732230a01d9c4faac6cfeb11fe01eb2f0334b2146dea
GET /pagead/viewthroughconversion/1011747518/?random=1671284821521&cv=9&fst=1671284821521&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1048
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 14:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
canadapost.demdex.net/dest5.html?d_nsid=0
52.16.99.144200 OK 2.8 kB URL HTTP/1.1 canadapost.demdex.net/dest5.html?d_nsid=0
IP 52.16.99.144:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: canadapost.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 17 Dec 2022 13:47:05 GMT
DCS: dcs-prod-irl1-1-v045-093556e0f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: hnjcKzoVTV4=
Content-Length: 2791
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671284821525&cv=9&fst=1671284821525&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 974 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1671284821525&cv=9&fst=1671284821525&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2267), with no line terminators
Hash ab90e87f235404dfdf1bfac6108c6b8a
c27bffd2e60a5136fd3f4c518b5c633b1d14858c
46076a55fddb7b6befa4c22e55d3ed11ba6944603d1ae2ba93ee8a085db85155
GET /pagead/viewthroughconversion/1011747518/?random=1671284821525&cv=9&fst=1671284821525&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 974
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 14:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1671284821529&cv=9&fst=1671284821529&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 975 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1671284821529&cv=9&fst=1671284821529&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2269), with no line terminators
Hash dbad7af0a10b142d58210153524c9d9f
7726808d21d5f8c4f97f5709e834d2ad8ca76007
14a7e706a133fd2197c57c9af47d7c1475e77b829ae9eb3c723b696f6a125e5e
GET /pagead/viewthroughconversion/10937558046/?random=1671284821529&cv=9&fst=1671284821529&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=2103685708.1671284821&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 975
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Dec-2022 14:02:05 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.linkedin.oribi.io/partner/9198/domain/updatepostecanada.com/token
54.230.111.78200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/9198/domain/updatepostecanada.com/token
IP 54.230.111.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
OPTIONS /partner/9198/domain/updatepostecanada.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.updatepostecanada.com/
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sat, 17 Dec 2022 02:52:18 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KLjBKZ8s1FumEZ2hdm2HoBDsMyo93eo5aeQRrkH82EKfG2WKN0mvlA==
age: 39286
X-Firefox-Spdy: h2
sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s84590592692194?AQB=1&ndh=1&pf=1&t=17%2F11%2F2022%2013%3A47%3A1%206%200&sdid=329BC8CAF2313CC7-3E9F69C2FAE1BEF5&mid=43210982674820168081241383503604653047&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fwww.updatepostecanada.com%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=www.updatepostecanada.com&events=event96%3D11&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=www.updatepostecanada.com&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=www.updatepostecanada.com&v24=www.updatepostecanada.com&v30=D%3Dv122&c34=8%3A30&v34=8%3A30&c35=Saturday&v35=Saturday&c36=weekend&v36=weekend&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fwww.updatepostecanada.com%2F&c72=11&v85=Saturday%202022-12-17&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
15.236.176.210200 OK 43 B URL HTTP/2 sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s84590592692194?AQB=1&ndh=1&pf=1&t=17%2F11%2F2022%2013%3A47%3A1%206%200&sdid=329BC8CAF2313CC7-3E9F69C2FAE1BEF5&mid=43210982674820168081241383503604653047&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fwww.updatepostecanada.com%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=www.updatepostecanada.com&events=event96%3D11&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=www.updatepostecanada.com&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=www.updatepostecanada.com&v24=www.updatepostecanada.com&v30=D%3Dv122&c34=8%3A30&v34=8%3A30&c35=Saturday&v35=Saturday&c36=weekend&v36=weekend&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fwww.updatepostecanada.com%2F&c72=11&v85=Saturday%202022-12-17&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
IP 15.236.176.210:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s84590592692194?AQB=1&ndh=1&pf=1&t=17%2F11%2F2022%2013%3A47%3A1%206%200&sdid=329BC8CAF2313CC7-3E9F69C2FAE1BEF5&mid=43210982674820168081241383503604653047&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fwww.updatepostecanada.com%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=www.updatepostecanada.com&events=event96%3D11&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=www.updatepostecanada.com&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=www.updatepostecanada.com&v24=www.updatepostecanada.com&v30=D%3Dv122&c34=8%3A30&v34=8%3A30&c35=Saturday&v35=Saturday&c36=weekend&v36=weekend&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fwww.updatepostecanada.com%2F&c72=11&v85=Saturday%202022-12-17&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1 HTTP/1.1
Host: sslstats.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 17 Dec 2022 13:47:05 GMT
expires: Fri, 16 Dec 2022 13:47:05 GMT
last-modified: Sun, 18 Dec 2022 13:47:05 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3589056833172307968-4619643277723799098
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 598c54ccef3aeb519adff05ff8773be1
1372acb8de8613c15c97c6c3250aad1c8bb47cb8
6784f3f6ac1ee62a3310a8e70a3b6f0215fb72043a899b9de5d91aaa6ab10e63
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 17 Dec 2022 13:47:05 GMT
Last-Modified: Sat, 17 Dec 2022 12:53:40 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6yTXHEgfMSPGAP9f6M1j2uxbOrFyw-G5RpbGaK7GUK05ByJkcqcXTw==
Age: 3205
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10937558046/?random=1671284821529&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1442432862&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10937558046/?random=1671284821529&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1442432862&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1671284821529&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1442432862&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1671284821525&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2427823398&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1671284821525&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2427823398&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1671284821525&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2427823398&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10937558046/?random=1671284821530&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2699057800&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10937558046/?random=1671284821530&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2699057800&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1671284821530&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2699057800&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=43231920283054072871239273283795380968
46.137.71.247302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=43231920283054072871239273283795380968
IP 46.137.71.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=43231920283054072871239273283795380968 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sat, 17 Dec 2022 13:47:05 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y53IWQAAAHwf3QN-; Domain=.everesttech.net; Expires=Sun, 17-Dec-2023 13:47:05 GMT; Path=/
everest_session_v2=Y53IWQAAAHwf3gN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y53IWQAAAHwf3QN-
Server: AMO-cookiemap/1.1
www.google.no/pagead/1p-user-list/1011747518/?random=1671284821526&cv=9&fst=1671282000000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1742204701&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1671284821526&cv=9&fst=1671282000000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1742204701&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1671284821526&cv=9&fst=1671282000000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1742204701&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1671284821518&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1229335027&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1671284821518&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1229335027&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1671284821518&cv=9&fst=1671282000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1229335027&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1671284821521&cv=9&fst=1671282000000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2228870265&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1671284821521&cv=9&fst=1671282000000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2228870265&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1671284821521&cv=9&fst=1671282000000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.updatepostecanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2228870265&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 13:47:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 13:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/ibs:dpid=411&dpuuid=Y53IWQAAAHwf3QN-
52.30.48.135302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y53IWQAAAHwf3QN-
IP 52.30.48.135:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y53IWQAAAHwf3QN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.updatepostecanada.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0ba8f5f7e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y53IWQAAAHwf3QN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=80168761150969787200533525225586521271; Max-Age=15552000; Expires=Thu, 15 Jun 2023 13:47:05 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UHyX67qrRe0=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y53IWQAAAHwf3QN-
52.30.48.135200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y53IWQAAAHwf3QN-
IP 52.30.48.135:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y53IWQAAAHwf3QN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.updatepostecanada.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-07e4ed132.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: xXHOQO7pRMI=
Content-Length: 59
Connection: keep-alive
www.updatepostecanada.com/file/f(2).txt
91.229.90.152200 OK 0 B URL HTTP/2 www.updatepostecanada.com/file/f(2).txt
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /file/f(2).txt HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "ab8-6319af00-1e9d3fccfbdf56de;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1255
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/1.0f15e3ad6ddcff4e902e.chunk.js
91.229.90.152200 OK 0 B URL HTTP/2 www.updatepostecanada.com/file/1.0f15e3ad6ddcff4e902e.chunk.js
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /file/1.0f15e3ad6ddcff4e902e.chunk.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "707d-6319af00-57e88e800e1d00f5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8314
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
IP 104.17.208.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 87
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:47:04 GMT
content-type: application/json
cf-ray: 77b01bc60f31b4f3-OSL
access-control-allow-origin: https://www.updatepostecanada.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 1b2f136c462006fe
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.8200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.8:0
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 17 Dec 2022 08:09:40 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Br5yoaZSCX6jTSeD9OauRPqwBMkEk7JOmaxt-FE9YMChfC5rGHZByA==
age: 20244
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/1.7d5648fd7c0291d649aa.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.208.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.7d5648fd7c0291d649aa.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.208.240:0
GET /dxjsmodule/1.7d5648fd7c0291d649aa.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:47:05 GMT
content-type: application/javascript
cf-ray: 77b01bd029aeb4f3-OSL
access-control-allow-origin: *
age: 280839
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"73bc-184eb224ae0"
last-modified: Wed, 07 Dec 2022 05:50:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29628
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/js
91.229.90.152200 OK 0 B URL HTTP/2 www.updatepostecanada.com/file/js
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /file/js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "263c8-6319aefe-8d764a1b1de7f349;;;"
accept-ranges: bytes
content-length: 156616
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/js(2)
91.229.90.152200 OK 0 B URL HTTP/2 www.updatepostecanada.com/file/js(2)
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /file/js(2) HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1c73d-6319aefe-afb4c6b438c5aba1;;;"
accept-ranges: bytes
content-length: 116541
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/9198/domain/updatepostecanada.com/token
54.230.111.78200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/9198/domain/updatepostecanada.com/token
IP 54.230.111.78:0
GET /partner/9198/domain/updatepostecanada.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.updatepostecanada.com
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sat, 17 Dec 2022 12:06:08 GMT
access-control-allow-origin: *
cache-control: public, max-age=20346
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tNAtg1-GC3XTkHAvEhefJ-FcnjIEH9H1PvFnPmwkEQU8o6KZcGHQZA==
age: 6057
X-Firefox-Spdy: h2
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fwww.updatepostecanada.com%2F&t=1671284821999
104.17.208.240200 OK 0 B URL HTTP/2 zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fwww.updatepostecanada.com%2F&t=1671284821999
IP 104.17.208.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fwww.updatepostecanada.com%2F&t=1671284821999 HTTP/1.1
Host: zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Dec 2022 13:47:05 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 77b01bce5fa9b4f3-OSL
access-control-allow-origin: *
age: 377849
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-GU0FAth0DUxdI3/tV1rpl6wukyo"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.updatepostecanada.com/file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
91.229.90.152200 OK 0 B URL HTTP/2 www.updatepostecanada.com/file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.updatepostecanada.com/
Cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 13:47:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "96be1-6319aefe-ab2ef736c0c63172;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 219464
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.updatepostecanada.com/
91.229.90.152200 OK 0 B URL HTTP/2 www.updatepostecanada.com/
IP 91.229.90.152:0
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET / HTTP/1.1
Host: www.updatepostecanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: PHPSESSID=a846a230c7658bf12597a697368d92c1; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sat, 17 Dec 2022 13:47:03 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2