www.delivery-postcanada.com/
91.229.90.148301 Moved Permanently 707 B URL HTTP/1.1 www.delivery-postcanada.com/
IP 91.229.90.148:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 26 Nov 2022 21:16:41 GMT
server: LiteSpeed
location: https://www.delivery-postcanada.com/
vary: User-Agent
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2997
Expires: Sat, 26 Nov 2022 22:06:38 GMT
Date: Sat, 26 Nov 2022 21:16:41 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4185
Cache-Control: max-age=138252
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:41 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:40:53 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 20:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3548
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3674
Expires: Sat, 26 Nov 2022 22:17:55 GMT
Date: Sat, 26 Nov 2022 21:16:41 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AuumfxMLvZuLBPINTMieYbneyG+ZzIQDDPXnHcxyy/0bzjp/HlPmLeP9hOWXDZnTJ6OYmck/YH1pbJ5zDvW1Tw==
x-amz-request-id: 6A338R76B6TNK6KX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 20:41:21 GMT
age: 2120
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 21:16:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 86a859f79523cc37e4af057b8ebd0e18
6feaf41fd9b42167327715bfe7387101e8376a34
b8c006fda7c16077a1b03790527b982538bd1ae7a82e90dbf5c28d4458e14fbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8C006FDA7C16077A1B03790527B982538BD1AE7A82E90DBF5C28D4458E14FBF"
Last-Modified: Thu, 24 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 27 Nov 2022 03:16:42 GMT
Date: Sat, 26 Nov 2022 21:16:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 21:11:12 GMT
cache-control: public,max-age=3600
age: 330
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5863
Cache-Control: max-age=134872
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:42 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:44:34 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.delivery-postcanada.com/file/foundation-config.css
91.229.90.148200 OK 27 B URL HTTP/2 www.delivery-postcanada.com/file/foundation-config.css
IP 91.229.90.148:0
File type ASCII text, with no line terminators
Hash 235e981df1f4eedaa0589ffda58717d6
d7e9f36ce7e793910b1cb8b3df49c60cd162a4f9
6ab579f7452650aa72688543ccc21851e03c767a3f04669321da4476e4f50ba0
GET /file/foundation-config.css HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "1b-6319aefc-5ba4dfb140727894;;;"
accept-ranges: bytes
content-length: 27
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/
91.229.90.148200 OK 103 kB URL HTTP/2 www.delivery-postcanada.com/
IP 91.229.90.148:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7181)
Size 103 kB (102884 bytes)
Hash 11b1460f4ec15c32c5a3bfc4a9d2e3e6
46120bbf75f881bd9df24ddd33d88e92c3b49a5e
9af4297c5f6b66ea5fceab30ea0584f3f7a715362fda8d33a223aa41d1fee5f0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/normalize.css
91.229.90.148200 OK 995 B URL HTTP/2 www.delivery-postcanada.com/file/normalize.css
IP 91.229.90.148:0
File type ASCII text, with very long lines (2011)
Hash fb47db9a73e62c29983c97245ff1a0b1
1d8e7bd48874522b8979c9ab2ae9ef09d3a6cf39
af66e48b3dde10dd39f871e0cd4326b1e3a5de75831584c7bab725c6bee03037
GET /file/normalize.css HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "7dc-6319aefc-a9b04128b4053029;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 995
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/cpc-main.css
91.229.90.148200 OK 106 kB URL HTTP/2 www.delivery-postcanada.com/file/cpc-main.css
IP 91.229.90.148:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106391 bytes)
Hash 9d58a121cd7ad1bdd9538b2277109543
db0207b056b2b778b61fb6e990bf5ed3b3925026
d70ffbd592c403179b5912e0540969e4bacb22996f7eee7229914ae1406c2e91
GET /file/cpc-main.css HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "73970-6319aefc-2838c0aa68c25d1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 106391
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/tools.css
91.229.90.148200 OK 1.1 kB URL HTTP/2 www.delivery-postcanada.com/file/tools.css
IP 91.229.90.148:0
File type ASCII text, with CRLF line terminators
Hash f5c6a9a90cfaa8d0029a002047a15424
f086faefa9b3253507e739bdc27a7f3e8f8af687
16e3163fa66145a0c0faab909279df764a8b0dce5ed8f8e76cde383f89da6b3b
GET /file/tools.css HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 09:18:46 GMT
etag: "c74-6319b376-effd903c493338f4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1132
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/beacon.js
91.229.90.148200 OK 2.0 kB URL HTTP/2 www.delivery-postcanada.com/file/beacon.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (3936)
Hash cc337805f6ac7780832182130c1a7df7
1bff753e2dd2c04f8491c222cba4a0def7a41b59
e9846109d7ee4d10d6f3fa458da8a7b992beca036eed5d461a466e3e08445d4f
Analyzer Verdict Alert fortinet Phishing
GET /file/beacon.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "f61-6319aefc-b4a125c134f7c40a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1969
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/f.txt
91.229.90.148200 OK 20 kB URL HTTP/2 www.delivery-postcanada.com/file/f.txt
IP 91.229.90.148:0
File type ASCII text, with very long lines (1623)
Hash 0dfb86abfc05e7ec1e890311b24c4a39
aa8a4c0e356fa9c6699f66d952bd5640b9b6b365
4382b1d5203f422b6bffaa6f9b52f406a86b12615fa7692d378c95d41baa9596
Analyzer Verdict Alert fortinet Phishing
GET /file/f.txt HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "a422-6319aefc-1e9f1e2d479aa566;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 19595
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/insight.min.js
91.229.90.148200 OK 3.4 kB URL HTTP/2 www.delivery-postcanada.com/file/insight.min.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (7751)
Hash 8db1005349ab554c09a98451fca04c6a
4e1318838a0869ebe3c0d6092042638044820b37
68b9c58408ccfcb50e671216c0f7d8bc868aa9a17ac5fc309c5f15b238f61ed0
Analyzer Verdict Alert fortinet Phishing
GET /file/insight.min.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1e48-6319aefe-320986e5e47c27da;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3363
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/614267586032718
91.229.90.148404 Not Found 708 B URL HTTP/2 www.delivery-postcanada.com/file/614267586032718
IP 91.229.90.148:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert fortinet Phishing
GET /file/614267586032718 HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/fbevents.js
91.229.90.148404 Not Found 708 B URL HTTP/2 www.delivery-postcanada.com/file/fbevents.js
IP 91.229.90.148:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert fortinet Phishing
GET /file/fbevents.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/modernizr.js
91.229.90.148200 OK 5.9 kB URL HTTP/2 www.delivery-postcanada.com/file/modernizr.js
IP 91.229.90.148:0
File type Unicode text, UTF-8 text, with very long lines (12268)
Hash 45160d49cd70dfe6668255a450fdc0ee
dc6eaef70081628ded73ae5e04ad1993e7ff212e
31ad73b5011ba424c06fa79b72a8738c69db877c3203e1bedd6ff55e18d1d267
Analyzer Verdict Alert fortinet Phishing
GET /file/modernizr.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "30f0-6319aefe-a00486ff421f3d0f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5906
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/foundation.reveal.js
91.229.90.148200 OK 5.1 kB URL HTTP/2 www.delivery-postcanada.com/file/foundation.reveal.js
IP 91.229.90.148:0
Hash 423a71ff03b19e39f33eec3ae8c9c31f
fd757da4b47c842ee4f1bac9cc5d5452a032b00f
e65f608f6c442d9dad3dd67feae03d90942bb211bba47e6c8b085e5e15641d9d
Analyzer Verdict Alert fortinet Phishing
GET /file/foundation.reveal.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "4135-6319aefe-f6365084a43bc9af;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5086
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/tools.js
91.229.90.148200 OK 122 B URL HTTP/2 www.delivery-postcanada.com/file/tools.js
IP 91.229.90.148:0
Hash 0a55a61bc65245a773a3253aaf81e4f6
a2fd9ce6d25635b2138e640956c41fd65652f792
1e35a7196a71189199f08214fa6a5226661be7437810c6851a75e80e26bbe112
Analyzer Verdict Alert fortinet Phishing
GET /file/tools.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "7a-6319aefe-ef0078b03f09df55;;;"
accept-ranges: bytes
content-length: 122
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/postal-guide.css
91.229.90.148200 OK 219 B URL HTTP/2 www.delivery-postcanada.com/file/postal-guide.css
IP 91.229.90.148:0
Hash 2ee5ed7bd5030d2f8dce54670cf71745
5bfe846bb5ae8bfcb6246274559bea3cab9c8d78
43c1972f25c54d62c69c95d129d60ad4ac4c5b56cbd125e83169fd43fabffc7b
GET /file/postal-guide.css HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 09:26:50 GMT
etag: "177-6319b55a-3068056d21eeef75;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 219
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/styles.css
91.229.90.148200 OK 16 kB URL HTTP/2 www.delivery-postcanada.com/file/styles.css
IP 91.229.90.148:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b9a0b278b86c1dfa2284228bf00c6260
2fc88034544b6640a1095db0a2ab2d6d55bf2b85
72cff4200659ac6b8367aacd599eded7d951844cda65f80ee6276ca24102e9e7
GET /file/styles.css HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "126b5-6319aefe-f7e1f46305d310a5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16124
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/f(1).txt
91.229.90.148200 OK 1.2 kB URL HTTP/2 www.delivery-postcanada.com/file/f(1).txt
IP 91.229.90.148:0
File type ASCII text, with very long lines (2402), with no line terminators
Hash 393ec35ff90e2758dbf9b112b9e06c5b
178c5426f0a547309a5ce601646d1e79d1508245
b49610c94d468aace72779c9c223d56e2a2a03215fd2d28991b2ad7c2d3f3cfe
Analyzer Verdict Alert fortinet Phishing
GET /file/f(1).txt HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "962-6319af00-4a7bb9f51c2d11a7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1162
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/f(2).txt
91.229.90.148200 OK 1.3 kB URL HTTP/2 www.delivery-postcanada.com/file/f(2).txt
IP 91.229.90.148:0
File type ASCII text, with very long lines (2744), with no line terminators
Hash 25a715e415123b59970ee567f2ff8056
5c9c27a60f25c5b8b0d8fad5b479c142dbdb71cb
5f2dfb910f7a71259bff4050eac52dc3c7fd0a3cc00486e28ae008fbf719c67d
Analyzer Verdict Alert fortinet Phishing
GET /file/f(2).txt HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "ab8-6319af00-88f4cbe14d96f052;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1255
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/f(3).txt
91.229.90.148200 OK 1.2 kB URL HTTP/2 www.delivery-postcanada.com/file/f(3).txt
IP 91.229.90.148:0
File type ASCII text, with very long lines (2404), with no line terminators
Hash c75b6adc2c5861cd765bb75bc2365c0e
c22c68bdb2d2eb2a43c038e95af1fff3b901c11c
6f176d7bad9c26dfdc11a8381ebddb1f3de68f5dcdad4b8bc54aadd6512ed02d
Analyzer Verdict Alert fortinet Phishing
GET /file/f(3).txt HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "964-6319af00-8f0225af539580c6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1156
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/11.4dc17d50d8eb18566aef.chunk.js
91.229.90.148200 OK 25 kB URL HTTP/2 www.delivery-postcanada.com/file/11.4dc17d50d8eb18566aef.chunk.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (62147), with no line terminators
Hash af0ab8a976a04ea08c013ede72384e73
cc9137efa5cdc5e647f9c506e10ca3efa18032b3
f5ff7c8fd6f5b22a2f7e48fdd304ee0209e2a5cf95edb5a2e090fdb6ea69bbe2
Analyzer Verdict Alert fortinet Phishing
GET /file/11.4dc17d50d8eb18566aef.chunk.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "f2c3-6319af00-1d20f3e78a7a5321;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 24839
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/4.44a799399bc4cc3dbe48.chunk.js
91.229.90.148200 OK 898 B URL HTTP/2 www.delivery-postcanada.com/file/4.44a799399bc4cc3dbe48.chunk.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (1754), with no line terminators
Hash 1268bd975575d5969b4043e17d2fba23
426c61e0634245b49d08ee91458b848b37b1191c
cccd50c685ee0ca9e9a98ffba83d0d92064356d634deabf2939fb874e641937c
Analyzer Verdict Alert fortinet Phishing
GET /file/4.44a799399bc4cc3dbe48.chunk.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "6da-6319af00-30de38d5206b6d7a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 898
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/1.0f15e3ad6ddcff4e902e.chunk.js
91.229.90.148200 OK 8.3 kB URL HTTP/2 www.delivery-postcanada.com/file/1.0f15e3ad6ddcff4e902e.chunk.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (28797), with no line terminators
Hash 27fd6de3338ea6c0e6f716a8fe649dad
d54ac7b394e2e053ed72db701aee595513cd6968
df28452c55e330461aa0e5c5778a7d33b58ea911e3fd1460ae9fe0af650dcf51
Analyzer Verdict Alert fortinet Phishing
GET /file/1.0f15e3ad6ddcff4e902e.chunk.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "707d-6319af00-6189ff90765b688;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8314
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/uwt.js
91.229.90.148200 OK 22 kB URL HTTP/2 www.delivery-postcanada.com/file/uwt.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash db2c157d6cc3fab7a1fda4ab2d05d979
e08005545c250c9211619a318e73b97cecc82af6
33340d1e06484b7a9e881f46816c9dd2533ba24d3905c28c3c63fbd3b6d728f2
Analyzer Verdict Alert fortinet Phishing
GET /file/uwt.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "e063-6319aefe-6aa76d79d3391cd4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21688
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/foundation.min.js
91.229.90.148200 OK 37 kB URL HTTP/2 www.delivery-postcanada.com/file/foundation.min.js
IP 91.229.90.148:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32024)
Hash f1b6d980c1b561066911d156489898c0
cd16908a596733dbda17291e685ce9c10c6c97da
8d5e71c86b4871e2eae33ebfdd220a275f9bc4a5012ae3b18b727729a0d01653
Analyzer Verdict Alert fortinet Phishing
GET /file/foundation.min.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "190a5-6319aefe-e798e04c0b182746;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 36779
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
91.229.90.148200 OK 36 kB URL HTTP/2 www.delivery-postcanada.com/file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (32768)
Hash 06f4f95ab30fcb0c8dfdd2efe22a5dec
b8c2ccbfdb8a94770ffa1f0e6e06b40ca2ab86fe
eba4ca63e1147de229e605ca8d2989f990cb1337bfa0fd55d92e18c1f9b0233f
Analyzer Verdict Alert fortinet Phishing
GET /file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "14b27-6319aefe-8eb5edb4216fa316;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 36399
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/jquery.js
91.229.90.148200 OK 50 kB URL HTTP/2 www.delivery-postcanada.com/file/jquery.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (65451)
Hash 4503e93081774c975267a43be4e6f6aa
908860266a381934f3a9db5237e2c91682a09747
f8c6b239bc7542f8aa64f9b514375ec235481533cd81281bbd5e28a842b03f4d
Analyzer Verdict Alert fortinet Phishing
GET /file/jquery.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1b16c-6319aefe-33bdd3c8888e13f9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 49513
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/js(3)
91.229.90.148200 OK 107 kB URL HTTP/2 www.delivery-postcanada.com/file/js(3)
IP 91.229.90.148:0
File type ASCII text, with very long lines (1615)
Size 107 kB (106890 bytes)
Hash 2872c8c0b367893cac4105e87dded92e
cc7495ce29491f93ce061609a1d0dfaed72bf58c
be497bd6cee5b026521ce6eb3c7937c84a02a83403a0417de3972f31116a4275
Analyzer Verdict Alert fortinet Phishing
GET /file/js(3) HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1a18a-6319aefe-c0b67188e78668f4;;;"
accept-ranges: bytes
content-length: 106890
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/saved_resource
91.229.90.148200 OK 7.3 kB URL HTTP/2 www.delivery-postcanada.com/file/saved_resource
IP 91.229.90.148:0
File type ASCII text, with very long lines (6801)
Hash fde0df82113bedc394515cb3fb9b9c06
1e20cf816b890a02e28e8302a93f253cfc2b04e1
0b4b7dfd734b2da1c4989692d27d514c18c0f7c452125db673dfe9e133b4f56b
Analyzer Verdict Alert fortinet Phishing
GET /file/saved_resource HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "1c86-6319af04-50fece188ffa80a0;;;"
accept-ranges: bytes
content-length: 7302
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/CoreModule.js
91.229.90.148200 OK 42 kB URL HTTP/2 www.delivery-postcanada.com/file/CoreModule.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fd4e2e947aaee37543ef893459e0b58a
44ca11f4c25d63c1ee35f5c5e09ddc6d7bef2f28
5f80d9eb1e498fea9ca1847ddf3f6742cbd45ec24877f706350d9b75ef503560
Analyzer Verdict Alert fortinet Phishing
GET /file/CoreModule.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "197ac-6319af04-f895b28282458b5c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 41452
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/UserDefinedHTMLModule.js
91.229.90.148200 OK 2.4 kB URL HTTP/2 www.delivery-postcanada.com/file/UserDefinedHTMLModule.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (6978), with no line terminators
Hash 88dc5dd79836a16ba727f57ca9db92e9
89d32abe957a7c1d7daf2a6e1bcc5a523b38a080
79e35c5308f3311bc956365c3a9f9bd681ec7ac75ebcf2478413e1b05b6b578f
Analyzer Verdict Alert fortinet Phishing
GET /file/UserDefinedHTMLModule.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "1b42-6319af04-da0941c4b9a711cf;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2431
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/ScreenCaptureModule.js
91.229.90.148200 OK 9.3 kB URL HTTP/2 www.delivery-postcanada.com/file/ScreenCaptureModule.js
IP 91.229.90.148:0
File type ASCII text, with very long lines (25906), with no line terminators
Hash 7d37c983e2addaed3db8fbeaf1bc2baa
00ec7e248dd7afa7af37c61a9129a730e15538b3
4029192db3850e3bd56e43aab501e69bd7a9687807d386ad6691d0cabeb248ba
Analyzer Verdict Alert fortinet Phishing
GET /file/ScreenCaptureModule.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "6532-6319af04-2cf0701ffd51cbc0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9346
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/js(2)
91.229.90.148200 OK 116 kB URL HTTP/2 www.delivery-postcanada.com/file/js(2)
IP 91.229.90.148:0
File type ASCII text, with very long lines (1615)
Size 116 kB (116541 bytes)
Hash 705b15727af88f7e0c4e90bd32b62324
9dd2c5add195a25ac8e610614011260339b894ef
2e35d9527046efca52202bc27e5eaa654b114bf8e1c89fb3b2214e7cdef06aef
Analyzer Verdict Alert fortinet Phishing
GET /file/js(2) HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1c73d-6319aefe-6738b9a1a62491b5;;;"
accept-ranges: bytes
content-length: 116541
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/cpc-main-logo.svg
91.229.90.148200 OK 4.4 kB URL HTTP/2 www.delivery-postcanada.com/file/cpc-main-logo.svg
IP 91.229.90.148:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (730)
Hash 7fc2f945db9a6c10452a18e2fb92bd30
e475feef4386402d5cbf33f8a38b17c1c5e66fb0
acb22ee1d5ce6a1c38ca05e244e1ee0cbbb542129afb5bcc11b0624d3f38ad2a
Analyzer Verdict Alert fortinet Phishing
GET /file/cpc-main-logo.svg HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "3037-6319af00-cead761d1e0570a6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4448
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/cpc-logo.svg
91.229.90.148200 OK 643 B URL HTTP/2 www.delivery-postcanada.com/file/cpc-logo.svg
IP 91.229.90.148:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash df833f86ada6b6b5c2ab913f76a8fdf6
a8597a83f5c06de28ea27ade309ecab2d1d49b91
def3a80251ace03c22a14d01843f43a094a66af9ceb3dca11c7e9af9c0d42049
Analyzer Verdict Alert fortinet Phishing
GET /file/cpc-logo.svg HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "3aa-6319af00-e1ab48b91a0d591;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 643
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/search.svg
91.229.90.148200 OK 231 B URL HTTP/2 www.delivery-postcanada.com/file/search.svg
IP 91.229.90.148:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash e71d66200332fb2074c6eb30b3e6d8fc
5cc824a4a6282ed31dda41a64f64ee9820133e0a
a2c9675a12b9534e0653ecc6596148aa77fa3f8ea6421608f3031501726933dc
Analyzer Verdict Alert fortinet Phishing
GET /file/search.svg HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "140-6319af00-a59a187bc9a60c24;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 231
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/gov-canada-logo.svg
91.229.90.148200 OK 6.2 kB URL HTTP/2 www.delivery-postcanada.com/file/gov-canada-logo.svg
IP 91.229.90.148:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2441)
Hash 1193ef2e5520c2168178eeaaa10dc6d3
330b20b7ef34e2be66827104970fa14eabc5e8f8
3f51e3a8aa85ec9fcf0f085f36a5d520b3d08d4a2598635a7eef659d1cff63f6
Analyzer Verdict Alert fortinet Phishing
GET /file/gov-canada-logo.svg HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "37b3-6319af04-c21c95da8c83d16a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6245
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/adsct(1)
91.229.90.148200 OK 43 B URL HTTP/2 www.delivery-postcanada.com/file/adsct(1)
IP 91.229.90.148:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert fortinet Phishing
GET /file/adsct(1) HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "2b-6319af04-518746da913f6eb;;;"
accept-ranges: bytes
content-length: 43
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/remove_screen_capture.png
91.229.90.148200 OK 857 B URL HTTP/2 www.delivery-postcanada.com/file/remove_screen_capture.png
IP 91.229.90.148:0
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash e4387ea5cc65d51d08a60765f46cbbcb
f8314def36b28e99c28cda0f4369e4786bf18ca4
37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb
GET /file/remove_screen_capture.png HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: image/png
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "359-6319af04-a1f07e76a89f9e0d;;;"
accept-ranges: bytes
content-length: 857
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.10200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.10:0
Hash 6db572b683cbc5bbde1ce587589324b3
e42c8349233ea32f70d5f492b8dd4b7083ed7d1d
36f53bb14944b504cdf83d8e41e178b45cd7177704ae9af7428d5a4722e4e070
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 21:16:43 GMT
date: Sat, 26 Nov 2022 21:16:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.217.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.217.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: drwMWROq8loQBJCaiZ85jw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HGpLf4buERqS62RHPKCYTIQmn04=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 265355
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-9852050
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash dac3f1431bafe7b8ac45c5c4efe81308
de276d59f9fa85a8e7dda532e7c55a270639cd31
001baba345dda0bfa78b077063ed002e49f5baee7a3e8be05b41b799b1519aaf
GET /gtag/js?id=DC-9852050 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 21:16:43 GMT
expires: Sat, 26 Nov 2022 21:16:43 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 1862b8a514833b45b2bdf10e7938c8ee
e24d7924da057369ce89cecde1a2bf76e1e96eee
1127e908a5eec19243d1fad23ddf711908c9cc5093e6cb9d0341ec4d3771a560
GET /gtag/js?id=DC-9852050&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 21:16:43 GMT
expires: Sat, 26 Nov 2022 21:16:43 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44200
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/saved_resource.html
91.229.90.148200 OK 26 kB URL HTTP/2 www.delivery-postcanada.com/file/saved_resource.html
IP 91.229.90.148:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32924)
Hash bd35c29135a1af2708922bce6bdc10eb
bf4d2621c0aa9f0366b4db67fc59699462ab3e18
79296535da9a03c5824e273b2c290ffbb8425c271a8855dab876f80a8bac4b42
Analyzer Verdict Alert fortinet Phishing
GET /file/saved_resource.html HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19323%7CvVersion%7C5.2.0; _gcl_au=1.1.1288814463.1669497403; at_check=true; s_vnc7=1670102203203%26vn%3D1; s_ivc=true; mbox=session#0295c2b2ef6f4782b01c90b24a9691c4#1669499264
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 08 Sep 2022 09:31:06 GMT
etag: "dfa8-6319b65a-4cac0e60bf585174;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 26501
date: Sat, 26 Nov 2022 21:16:43 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1d9982c4a878719ddada7e301fb40eca
b088389e7b4dca42ef7391324d6ebc7fc7d8e796
64dbc2a8bcfd6e778293004e63430dc61138124ce7a82e564d9bde62e90b5a60
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4296
Cache-Control: max-age=122509
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:43 GMT
Etag: "6381ad01-1d7"
Expires: Mon, 28 Nov 2022 07:18:32 GMT
Last-Modified: Sat, 26 Nov 2022 06:06:57 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7255dc5b5346ecf1026e5df5a411055
87a0e0e6fd231f1bfecab57ed287f699034a2abd
87dbd4167e91f3ebf6de8c03de2f90e2f87cf6e7358ff6480dae40db214ce6d2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5799
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:43 GMT
Last-Modified: Sat, 26 Nov 2022 19:40:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1669497403150
108.128.213.98302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1669497403150
IP 108.128.213.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1669497403150 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.delivery-postcanada.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-00d737c39.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1669497403150
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=22546342320756037751004159975320546292; Max-Age=15552000; Expires=Thu, 25 May 2023 21:16:43 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 1IVchtIMTvw=
Content-Length: 0
Connection: keep-alive
assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
23.38.200.237200 OK 29 kB URL HTTP/2 assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32768)
Hash 6dfcf60bb5658880c8e992bf1dbc87f1
d9ca4a3418547e13ea676f89ebb396698bbc8d4d
ef2a249ff0a3c5ada19a94f9c7b62014f5e5957a0e17695fd3b6d3d9ce406e32
GET /0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ba6bf7eaba51cdf2a7931c5056449aa7:1662066393.427966"
last-modified: Thu, 01 Sep 2022 21:06:33 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sat, 26 Nov 2022 22:16:43 GMT
date: Sat, 26 Nov 2022 21:16:43 GMT
content-length: 28612
access-control-allow-origin: https://www.delivery-postcanada.com
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 267774
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 265342
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/tools_chevron.svg
91.229.90.148200 OK 1.2 kB URL HTTP/2 www.delivery-postcanada.com/file/tools_chevron.svg
IP 91.229.90.148:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (443)
Hash 31042bee295d59e22e5b20bced44b471
cf537ec24af539f9efbf896c6a17a526f201f680
393bc7ef57877b4038d74f319b27953f00edac0a5b08a3089d8e822dba2efa61
Analyzer Verdict Alert fortinet Phishing
GET /file/tools_chevron.svg HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/file/tools.css
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19323%7CvVersion%7C5.2.0; _gcl_au=1.1.1288814463.1669497403; at_check=true; s_vnc7=1670102203203%26vn%3D1; s_ivc=true; mbox=session#0295c2b2ef6f4782b01c90b24a9691c4#1669499264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:43 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 00:24:54 GMT
etag: "cf2-63193656-fa1ab789a0c16957;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1244
date: Sat, 26 Nov 2022 21:16:43 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/open_in_a_new_window.svg
91.229.90.148404 Not Found 708 B URL HTTP/2 www.delivery-postcanada.com/file/open_in_a_new_window.svg
IP 91.229.90.148:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert fortinet Phishing
GET /file/open_in_a_new_window.svg HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/file/styles.css
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19323%7CvVersion%7C5.2.0; _gcl_au=1.1.1288814463.1669497403; at_check=true; s_vnc7=1670102203203%26vn%3D1; s_ivc=true; mbox=session#0295c2b2ef6f4782b01c90b24a9691c4#1669499264
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 26 Nov 2022 21:16:43 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 284951
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
23.61.214.200200 OK 382 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
IP 23.61.214.200:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Hash b86b3f712d7d1224f22ce80ab788d8bc
1015427d965943c5acfda2a2b96174c96a30e715
827930f77d0aee840f92563e8da302b30e9f0b196f923edd0f6305faf4ae7df0
GET /cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a638-2d4"
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 07:02:38 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 382
Date: Sat, 26 Nov 2022 21:16:43 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.delivery-postcanada.com/file/stylesheet.css
91.229.90.148200 OK 46 kB URL HTTP/2 www.delivery-postcanada.com/file/stylesheet.css
IP 91.229.90.148:0
File type Unicode text, UTF-8 text, with very long lines (559)
Hash ecf97ec8eb7cac32cfac8895eedc180c
23876e544c83043314cfd04300cadd25db5b6fcb
5cc44c0105308979daea3e15c524a33ad3a5949e23533a843590408df0f9365b
GET /file/stylesheet.css HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/file/saved_resource.html
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19323%7CvVersion%7C5.2.0; _gcl_au=1.1.1288814463.1669497403; at_check=true; s_vnc7=1670102203203%26vn%3D1; s_ivc=true; mbox=session#0295c2b2ef6f4782b01c90b24a9691c4#1669499264; s_gpv_url=https%3A%2F%2Fwww.delivery-postcanada.com%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:43 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:50 GMT
etag: "29454-6319af06-c4289986ad78d371;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 45859
date: Sat, 26 Nov 2022 21:16:43 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
104.17.209.240200 OK 2.7 kB URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
IP 104.17.209.240:0
File type JSON data\012- , ASCII text, with very long lines (19287), with no line terminators
Hash 7d49c6ef816806477cee0f401be8c577
5a38c0a54fee050760e17a1980f85773acc937c5
4f5453242b8f3e0b9708a5cf79e74b3328451b26978c16827b8318b114d0ce55
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 89
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:16:43 GMT
content-type: application/json
cf-ray: 7705a593c977fac8-OSL
access-control-allow-origin: https://www.delivery-postcanada.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 9b8ef8e1697d08f3
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/building_preview.gif
91.229.90.148200 OK 12 kB URL HTTP/2 www.delivery-postcanada.com/file/building_preview.gif
IP 91.229.90.148:0
File type GIF image data, version 89a, 113 x 108\012- data
Hash 3c3ba37130de5fe15faf97c18908283e
c15b49cb09745a9939315132e18f2e40fa2ccf22
9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b
GET /file/building_preview.gif HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:43 GMT
content-type: image/gif
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "3030-6319af04-e15eae34d573d232;;;"
accept-ranges: bytes
content-length: 12336
date: Sat, 26 Nov 2022 21:16:43 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
23.61.214.200200 OK 218 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
IP 23.61.214.200:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash d3a621feba2c9afadc8e74c4f71021e1
5364a043f80e5dcbc81b81e86d406eedfc1b69a4
9616a4bbe31bf59f3ec6fd4a9f237bfb89d3424a45238b625b7f1620377d5401
GET /cpc/assets/cpc/img/icons/search.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a621-140"
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Thu, 15 Sep 2022 16:23:11 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 218
Date: Sat, 26 Nov 2022 21:16:43 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/favicon.ico
23.61.214.200200 OK 15 kB URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/favicon.ico
IP 23.61.214.200:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b97eafae41beb90b3c3279fb07fdbc45
705234c0d283026cd13a35df046840f0aad05003
79abb9bc30ff5a68612b4e0967806186ed604f2dea0113e41e6069d6673b8a2b
GET /cpc/assets/cpc/img/logos/favicon.ico HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 15086
Content-Type: image/x-icon
ETag: "596e5822-3aee"
Last-Modified: Tue, 18 Jul 2017 18:49:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 06 Jun 2022 13:09:53 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Date: Sat, 26 Nov 2022 21:16:44 GMT
Connection: keep-alive
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=78351
date: Sat, 26 Nov 2022 21:16:44 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash abe2cafed9bb23303f477a326ea0a92c
b03552d06666e7fccc435aee8aa0cd1e1c05b302
0fa011fb8bfc063397354a74c204682e07878af72be8b5c7b79935c6b6fee201
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121464
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Etag: "6381b9b4-1d7"
Expires: Mon, 28 Nov 2022 07:01:08 GMT
Last-Modified: Sat, 26 Nov 2022 07:01:08 GMT
Server: nginx
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8cc0ab0925eae8adcb3b303a10003016
19d1a2eaaa540aa6b4b52c17cbfdf4c98ad759ad
3cd3ec494adb7ca3fa76eb0d37f28a358b18ada02309c8862c8d508b88d16170
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sslstats.canadapost.ca/id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1669497403681
15.188.95.229200 OK 48 B URL HTTP/2 sslstats.canadapost.ca/id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1669497403681
IP 15.188.95.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bb592c5ba14ae4963c594bb20a88e821
5f7cb23583bd519dda1dd125f971bdf3fb1ee5dc
22750b838b5e751c957c211a3e1c36011c6eddf48ed0683a959186882b3cf463
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1669497403681 HTTP/1.1
Host: sslstats.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.delivery-postcanada.com
access-control-allow-credentials: true
date: Sat, 26 Nov 2022 21:16:44 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=0%7CMCMID%7C28400652817820745401794340903206781035; Path=/; Domain=canadapost.ca; Max-Age=63072000; Expires=Mon, 25 Nov 2024 21:16:16 GMT;
s_ecid=MCMID%7C28400652817820745401794340903206781035; Path=/; Domain=canadapost.ca; Max-Age=63072000; Expires=Mon, 25 Nov 2024 21:16:16 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8cc0ab0925eae8adcb3b303a10003016
19d1a2eaaa540aa6b4b52c17cbfdf4c98ad759ad
3cd3ec494adb7ca3fa76eb0d37f28a358b18ada02309c8862c8d508b88d16170
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash ccc839aae3b4ff22e82de9305c51746b
f646be3ede92e09d1e26bf47bf5be59fe70b34ee
0873ef0f0234ff4f2d47c5764d96646140964f2d030d213e9a96f727e27c699f
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 26 Nov 2022 21:16:44 GMT
expires: Sat, 26 Nov 2022 21:16:44 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6657920381332615615
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8cc0ab0925eae8adcb3b303a10003016
19d1a2eaaa540aa6b4b52c17cbfdf4c98ad759ad
3cd3ec494adb7ca3fa76eb0d37f28a358b18ada02309c8862c8d508b88d16170
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1669497403995&ns_c=UTF-8&c7=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9=
143.204.55.25204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1669497403995&ns_c=UTF-8&c7=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9=
IP 143.204.55.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1669497403995&ns_c=UTF-8&c7=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 26 Nov 2022 21:16:44 GMT
set-cookie: UID=1487871bf7f1a126d382d561669497404; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zOj1nFzfXQX2MTZ-2DL6bxgx2b2w1yXH-xLIbHqvMiejwwlsHrHadw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20030
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:16:44 GMT
Connection: keep-alive
www.google.com/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20030
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:16:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 84484
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 02:19:43 GMT
age: 68221
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20030
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:16:44 GMT
Connection: keep-alive
www.google.com.hk/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:18:42 GMT
age: 82682
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1669497402744&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1669497402744&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1669497402744&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&f24b7854-5589-4a16-8337-097e9b28dc79"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 26-Nov-2023 21:16:44 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2377:u=1:x=1:i=1669497404:t=1669583804:v=2:sig=AQGRjefRvxSZPhatTcGYWaT4TuGDxPIB"; Expires=Sun, 27 Nov 2022 21:16:44 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXuZie6cmB1WychND+wYg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F5BED27B4A1A49189236EA948B2F128B Ref B: OSL30EDGE0417 Ref C: 2022-11-26T21:16:44Z
date: Sat, 26 Nov 2022 21:16:43 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20030
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:16:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 03:55:38 GMT
age: 62466
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20030
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 21:16:44 GMT
Connection: keep-alive
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=28400652817820745401794340903206781035&ts=1669497404144
108.128.213.98200 OK 306 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=28400652817820745401794340903206781035&ts=1669497404144
IP 108.128.213.98:0
File type JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Hash 47603d51eb3b2dc0ae7e7ec0d9476541
9e918e1b707d6f3d5b92dff40f8ccec44479691d
b5d98463e6e9c06757c21cb68fced888b5826587192fa78fd3170d73dab9c8ab
GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=28400652817820745401794340903206781035&ts=1669497404144 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.delivery-postcanada.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0a888e68a.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=28376895307242367231796452805838106996; Max-Age=15552000; Expires=Thu, 25 May 2023 21:16:44 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: BgPPL9GtRdM=
Content-Length: 306
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TI0cacek54dPUYW7fYy0xm-1CKdRXZGqBH1vGURakUsBbm-WGcW-vA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:17:55 GMT
age: 82729
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/9198/domain/delivery-postcanada.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/9198/domain/delivery-postcanada.com/token
IP 54.230.111.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/9198/domain/delivery-postcanada.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.delivery-postcanada.com/
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 26 Nov 2022 02:49:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DFM_M7RgRtnuZzp-O1e6AN8s9sckLyavN8nLl9Zm_5k8ZDJT6SRfsA==
age: 66435
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96437d0cb1ceaffa77124f0dcfeb38cf
3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50
89244601b0a4bc150033e52dc56cf0fbe2846ebba7532c477146258a70783e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93728079-c686-4b9a-9313-1cc6778793d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7799
x-amzn-requestid: 4b3bf619-fb69-4cfe-b8e7-7de4ea127853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXADFOvoAMFXQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813866-77f561ae3496d84c75541300;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:49:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lt_7H9W9LVUS5gKPrBF_vGiXg-anP_bGV5izsxPiGhiasy2eBnltuw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:39 GMT
age: 81785
etag: "3f4a47cdd9ea3bbd20fec37e4a9dbfa9af2acc50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8cc0ab0925eae8adcb3b303a10003016
19d1a2eaaa540aa6b4b52c17cbfdf4c98ad759ad
3cd3ec494adb7ca3fa76eb0d37f28a358b18ada02309c8862c8d508b88d16170
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1669497404105&cv=9&fst=1669497404105&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 975 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1669497404105&cv=9&fst=1669497404105&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2271), with no line terminators
Hash 03cc04193b535481bc43b87963bf50ea
392cd80a3a30e55e1cf212a259ba5426bdb5ac64
971a586a837ff70da735a4f456aabd4285df2404fe154da4d8e55e0d0a10ab0a
GET /pagead/viewthroughconversion/1011747518/?random=1669497404105&cv=9&fst=1669497404105&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 975
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 21:31:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d669b9e0a1c08b051bf86cc86eb09418
96e9a8b6b180edb3ebd7b213a0e0e96f51ea1336
d94f7e3f7050b0f7c84eb8428e91bc65fbca027c27ad6ee8b8a7ec9c2b0cc551
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5914
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Last-Modified: Sat, 26 Nov 2022 19:38:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1669497404110&cv=9&fst=1669497404110&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 975 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1669497404110&cv=9&fst=1669497404110&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2273), with no line terminators
Hash fc54065fce75f22ad1266397921f150c
f76a201a00031132bb8fef4f3e7d0357d6671e69
1c858c9e3eea686a31a3097c31ad73f1439dcd2e9160cfb82bfa7aae27ab0e24
GET /pagead/viewthroughconversion/10937558046/?random=1669497404110&cv=9&fst=1669497404110&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 975
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 21:31:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1669497404109&cv=9&fst=1669497404109&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 975 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1669497404109&cv=9&fst=1669497404109&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2273), with no line terminators
Hash 728488f16a50a9a78d1cc6045d2c68f2
9dd592a46c08f8dc9254ae771c49260270ad2dc0
63f6ea03333a556ecd0b55857e86e09778f079af359c922ec2a7a530c727d449
GET /pagead/viewthroughconversion/10937558046/?random=1669497404109&cv=9&fst=1669497404109&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 975
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 21:31:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1669497404106&cv=9&fst=1669497404106&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1669497404106&cv=9&fst=1669497404106&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2613), with no line terminators
Hash 8bbec36597e34e5df5689dd624d20f16
46c50e9554ad1687f8061603a75733098c08e6d2
2e710da95e44fa75b945a8d56317c0436db273b85256473acb8b9eb749222a31
GET /pagead/viewthroughconversion/1011747518/?random=1669497404106&cv=9&fst=1669497404106&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1046
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 21:31:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1669497404100&cv=9&fst=1669497404100&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 973 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1669497404100&cv=9&fst=1669497404100&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2269), with no line terminators
Hash 600ecc75c89d67b0b90591daaaa501ef
34cf9a8ce5a30f588f96466b27f71834ec173c7b
03f8802abc971347dd24feef92a2232318962badadfae98b15dab5eb0799c72d
GET /pagead/viewthroughconversion/1011747518/?random=1669497404100&cv=9&fst=1669497404100&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 973
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 21:31:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1669497404102&cv=9&fst=1669497404102&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1669497404102&cv=9&fst=1669497404102&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2613), with no line terminators
Hash 01bbb27934a7911925644323f4f0cbf7
e26d2354a5a4b2254cbd8bad14ede5bbe7f6a2ae
679fa8b576357bda7b807f197e64e17cecff4fedb1f53fe588683c937cc129ec
GET /pagead/viewthroughconversion/1011747518/?random=1669497404102&cv=9&fst=1669497404102&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=1288814463.1669497403&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1048
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 26-Nov-2022 21:31:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=0295c2b2ef6f4782b01c90b24a9691c4&mboxPC=&mboxPage=fd7a9d7568e7475c9d6a009bbc0fbaa6&mboxRid=3ed2935027714cb88975fa2895c4ac39&mboxVersion=1.8.3&mboxCount=1&mboxTime=1669497403207&mboxHost=www.delivery-postcanada.com&mboxURL=https%3A%2F%2Fwww.delivery-postcanada.com%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=1F175D986F8384AB-4FCE5EBD86FDD7AD&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=28400652817820745401794340903206781035
52.211.216.135200 OK 96 B URL HTTP/2 canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=0295c2b2ef6f4782b01c90b24a9691c4&mboxPC=&mboxPage=fd7a9d7568e7475c9d6a009bbc0fbaa6&mboxRid=3ed2935027714cb88975fa2895c4ac39&mboxVersion=1.8.3&mboxCount=1&mboxTime=1669497403207&mboxHost=www.delivery-postcanada.com&mboxURL=https%3A%2F%2Fwww.delivery-postcanada.com%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=1F175D986F8384AB-4FCE5EBD86FDD7AD&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=28400652817820745401794340903206781035
IP 52.211.216.135:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 95a8941fb1399add84ca348a7e614d9a
7f316467bcbe5677cdbd7a6f8a0ed275e961a424
6f14acdb9aaf52f2b2ce5f51a490d04f155eed81075c1019c946b45f82c7f8f1
GET /m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=0295c2b2ef6f4782b01c90b24a9691c4&mboxPC=&mboxPage=fd7a9d7568e7475c9d6a009bbc0fbaa6&mboxRid=3ed2935027714cb88975fa2895c4ac39&mboxVersion=1.8.3&mboxCount=1&mboxTime=1669497403207&mboxHost=www.delivery-postcanada.com&mboxURL=https%3A%2F%2Fwww.delivery-postcanada.com%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=1F175D986F8384AB-4FCE5EBD86FDD7AD&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=28400652817820745401794340903206781035 HTTP/1.1
Host: canadapost.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:16:44 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.delivery-postcanada.com
access-control-allow-credentials: true
x-request-id: 3ed2935027714cb88975fa2895c4ac39
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/9198/domain/delivery-postcanada.com/token
54.230.111.42200 OK 104 B URL HTTP/2 cdn.linkedin.oribi.io/partner/9198/domain/delivery-postcanada.com/token
IP 54.230.111.42:0
Hash f300e2a4e2aa8ab2dbe3727e273fe4dd
5aa7e29e67ba7e1c003ea9902d9e407e9ed1de33
aad40f368d389709abeef0de0ac56af4c39ef25c8a5aa91bc851e6088a4366a6
GET /partner/9198/domain/delivery-postcanada.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.delivery-postcanada.com
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sat, 26 Nov 2022 20:46:41 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jdYt6B7AQV4kR6eZkVw55lQTvvf6pMX_w7wE3SMN5sWnaZGEs9K6Bg==
age: 1803
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.25200 OK 1.9 kB URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.25:0
Hash b7d545c36dfcbb2b4644ede9c8e7c3f1
c437ef44b17a08eea9a49d768cd6e47985b90880
b6f20c49abf7582010bf9234836edde65ab516f2778c65841edc8457001a604e
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 26 Nov 2022 01:57:24 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HUpFdxNdNFPv7jA64nT6wfjoNJqC15_5BrYRKd5xoDGdiyyFCTeicA==
age: 69564
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1011747518/?random=1669497404105&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3830529155&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1669497404105&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3830529155&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1669497404105&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3830529155&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1669497404100&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=884782013&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1669497404100&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=884782013&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1669497404100&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=884782013&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10937558046/?random=1669497404110&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1932455694&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10937558046/?random=1669497404110&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1932455694&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1669497404110&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1932455694&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1011747518/?random=1669497404106&cv=9&fst=1669496400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1378714410&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1669497404106&cv=9&fst=1669496400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1378714410&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1669497404106&cv=9&fst=1669496400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1378714410&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10937558046/?random=1669497404109&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3554484729&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10937558046/?random=1669497404109&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3554484729&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1669497404109&cv=9&fst=1669496400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3554484729&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f3424fd0abb5ab18be62cd209cb3d3dc
dbb2a21b12e92c8837c4346b6d052454bb6dffd6
e69548655278cf6a48fce549928656eb5a91d787e7b1afc12959e2bffb58990b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 21:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1011747518/?random=1669497404102&cv=9&fst=1669496400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1277136092&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1669497404102&cv=9&fst=1669496400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1277136092&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1669497404102&cv=9&fst=1669496400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.delivery-postcanada.com%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1277136092&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 21:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
canadapost.demdex.net/dest5.html?d_nsid=0
54.228.235.72200 OK 2.8 kB URL HTTP/1.1 canadapost.demdex.net/dest5.html?d_nsid=0
IP 54.228.235.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: canadapost.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 26 Nov 2022 21:16:44 GMT
DCS: dcs-prod-irl1-2-v045-0f14bb97f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: OUI8YIQ1SjA=
transfer-encoding: chunked
Connection: keep-alive
sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s34580613193222?AQB=1&ndh=1&pf=1&t=26%2F10%2F2022%2021%3A16%3A44%206%200&sdid=1F175D986F8384AB-4FCE5EBD86FDD7AD&mid=28400652817820745401794340903206781035&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=www.delivery-postcanada.com&events=event96%3D12&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=www.delivery-postcanada.com&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=www.delivery-postcanada.com&v24=www.delivery-postcanada.com&v30=D%3Dv122&c34=16%3A00&v34=16%3A00&c35=Saturday&v35=Saturday&c36=weekend&v36=weekend&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c72=12&v85=Saturday%202022-11-26&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
15.188.95.229200 OK 43 B URL HTTP/2 sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s34580613193222?AQB=1&ndh=1&pf=1&t=26%2F10%2F2022%2021%3A16%3A44%206%200&sdid=1F175D986F8384AB-4FCE5EBD86FDD7AD&mid=28400652817820745401794340903206781035&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=www.delivery-postcanada.com&events=event96%3D12&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=www.delivery-postcanada.com&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=www.delivery-postcanada.com&v24=www.delivery-postcanada.com&v30=D%3Dv122&c34=16%3A00&v34=16%3A00&c35=Saturday&v35=Saturday&c36=weekend&v36=weekend&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c72=12&v85=Saturday%202022-11-26&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
IP 15.188.95.229:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s34580613193222?AQB=1&ndh=1&pf=1&t=26%2F10%2F2022%2021%3A16%3A44%206%200&sdid=1F175D986F8384AB-4FCE5EBD86FDD7AD&mid=28400652817820745401794340903206781035&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=www.delivery-postcanada.com&events=event96%3D12&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=www.delivery-postcanada.com&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=www.delivery-postcanada.com&v24=www.delivery-postcanada.com&v30=D%3Dv122&c34=16%3A00&v34=16%3A00&c35=Saturday&v35=Saturday&c36=weekend&v36=weekend&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fwww.delivery-postcanada.com%2F&c72=12&v85=Saturday%202022-11-26&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1 HTTP/1.1
Host: sslstats.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sat, 26 Nov 2022 21:16:44 GMT
expires: Fri, 25 Nov 2022 21:16:44 GMT
last-modified: Sun, 27 Nov 2022 21:16:44 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3585218377440788480-4619815694291701523
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash d3a5b4edb3e666614bdc18634f9588f7
7562e9eefe1da0a93c457950466c805d60278ddd
e43bf5f136f59507ca4d69c5fe57cdda15f97a857ea7237093725bff3f246800
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151363
Date: Sat, 26 Nov 2022 21:16:44 GMT
Etag: "63821c1d-1d7"
Expires: Mon, 28 Nov 2022 15:19:27 GMT
Last-Modified: Sat, 26 Nov 2022 14:01:01 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MeCKJmgJi94z0l0x1kygV7j1U6ZqawgGUPEfkDdi88G-f6huhz5F1A==
Age: 4707
cm.everesttech.net/cm/dd?d_uuid=28376895307242367231796452805838106996
99.80.65.0302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=28376895307242367231796452805838106996
IP 99.80.65.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=28376895307242367231796452805838106996 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sat, 26 Nov 2022 21:16:44 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y4KCPAAAALX1bwN6; Domain=.everesttech.net; Expires=Sun, 26-Nov-2023 21:16:44 GMT; Path=/
everest_session_v2=Y4KCPAAAALX1cAN6; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4KCPAAAALX1bwN6
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y4KCPAAAALX1bwN6
108.128.213.98302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y4KCPAAAALX1bwN6
IP 108.128.213.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y4KCPAAAALX1bwN6 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.delivery-postcanada.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-06d6ad95b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4KCPAAAALX1bwN6
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=72209667802335343403794576869763077922; Max-Age=15552000; Expires=Thu, 25 May 2023 21:16:44 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cngYZnf8T38=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4KCPAAAALX1bwN6
108.128.213.98200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4KCPAAAALX1bwN6
IP 108.128.213.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4KCPAAAALX1bwN6 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.delivery-postcanada.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-03da2f349.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: rwvjN7s/SEI=
Content-Length: 59
Connection: keep-alive
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fwww.delivery-postcanada.com%2F&t=1669497404673
104.17.209.240200 OK 0 B URL HTTP/2 zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fwww.delivery-postcanada.com%2F&t=1669497404673
IP 104.17.209.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fwww.delivery-postcanada.com%2F&t=1669497404673 HTTP/1.1
Host: zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:16:44 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7705a59c9a72fac8-OSL
access-control-allow-origin: *
age: 144769
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-yCXSqeWNF3QQ5gWuVWm89QaDdXQ"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/analytics.js
91.229.90.148200 OK 0 B URL HTTP/2 www.delivery-postcanada.com/file/analytics.js
IP 91.229.90.148:0
Analyzer Verdict Alert fortinet Phishing
GET /file/analytics.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "134d-6319af04-90daa301147a1efc;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1408
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/4.a5c0de52a5fc4b1cbc4b.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/4.a5c0de52a5fc4b1cbc4b.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.209.240:0
GET /dxjsmodule/4.a5c0de52a5fc4b1cbc4b.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:16:45 GMT
content-type: application/javascript
cf-ray: 7705a59e6bccfac8-OSL
access-control-allow-origin: *
age: 415811
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"9eb-1845383cf10"
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=2539
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/js
91.229.90.148200 OK 0 B URL HTTP/2 www.delivery-postcanada.com/file/js
IP 91.229.90.148:0
Analyzer Verdict Alert fortinet Phishing
GET /file/js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "263c8-6319aefe-4130b4fd5689b6e9;;;"
accept-ranges: bytes
content-length: 156616
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/js(1)
91.229.90.148200 OK 0 B URL HTTP/2 www.delivery-postcanada.com/file/js(1)
IP 91.229.90.148:0
Analyzer Verdict Alert fortinet Phishing
GET /file/js(1) HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1a1ac-6319aefe-5b8d8ddfa14ba2a5;;;"
accept-ranges: bytes
content-length: 106924
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.209.240:0
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:16:43 GMT
content-type: application/javascript
cf-ray: 7705a595abb0fac8-OSL
access-control-allow-origin: *
age: 389205
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19abd-182d0e95990"
last-modified: Wed, 24 Aug 2022 17:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105149
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.209.240:0
GET /dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 21:16:44 GMT
content-type: application/javascript
cf-ray: 7705a59cdad2fac8-OSL
access-control-allow-origin: *
age: 415856
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"f871-1845383cf10"
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=63601
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.delivery-postcanada.com/file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
91.229.90.148200 OK 0 B URL HTTP/2 www.delivery-postcanada.com/file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
IP 91.229.90.148:0
Analyzer Verdict Alert fortinet Phishing
GET /file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js HTTP/1.1
Host: www.delivery-postcanada.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.delivery-postcanada.com/
Cookie: PHPSESSID=7a9bbcc3c5058a0398e9c902173bd124
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 21:16:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "96be1-6319aefe-bff1b73a7482eb1d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 219464
date: Sat, 26 Nov 2022 21:16:42 GMT
server: LiteSpeed
X-Firefox-Spdy: h2