adjustpostcanada.ca/
91.229.90.157301 Moved Permanently 707 B IP 91.229.90.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET / HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 07 Dec 2022 15:10:13 GMT
server: LiteSpeed
location: https://adjustpostcanada.ca/
vary: User-Agent
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4835
Expires: Wed, 07 Dec 2022 16:30:48 GMT
Date: Wed, 07 Dec 2022 15:10:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aaee4cb7873d6f1effbadf269482e100
bd55730ac8414fb6861b03c2a97319b4063e2cb9
d724fd9c5704fb8948d575357cad0032e89cf275d57ddb86f013fa97e033487c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3487
Cache-Control: max-age=159549
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:13 GMT
Etag: "63906b73-1d7"
Expires: Fri, 09 Dec 2022 11:29:22 GMT
Last-Modified: Wed, 07 Dec 2022 10:31:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 15:08:03 GMT
content-type: application/json
age: 130
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6169
Expires: Wed, 07 Dec 2022 16:53:02 GMT
Date: Wed, 07 Dec 2022 15:10:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hI+wyXTvLbWEZFHgfVTzitJbM1be4EddTEACF96qVH/F/U0jcR+x0LR9+Cfab4u9z1Enb9wYA/s=
x-amz-request-id: PMXKWK0TM5M9BDGG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 14:49:24 GMT
age: 1249
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 15:10:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 521043e6d0ed57073eccf470a5ff4066
2edc06232729ef84f2eac6c50a43f90661f31e3d
69a93e5610ded799e863da013a69e8411a69ad009e47109c1a19bd64b4a8d548
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69A93E5610DED799E863DA013A69E8411A69AD009E47109C1A19BD64B4A8D548"
Last-Modified: Wed, 07 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 07 Dec 2022 21:10:13 GMT
Date: Wed, 07 Dec 2022 15:10:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 15:07:58 GMT
age: 135
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3478
Cache-Control: max-age=154474
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:14 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:04:48 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
adjustpostcanada.ca/
91.229.90.157200 OK 82 kB IP 91.229.90.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7181)
Hash 4429b8740e2c1ce48931a3bb28c6a328
f76ba59cf10b33d67ee48ab6ea67142fdece0701
f2f5c1b620826f057c2cf44b409d6adc8173681bd7c75bf59b8f30f1b577acb1
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET / HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/foundation.css
91.229.90.157200 OK 21 kB URL HTTP/2 adjustpostcanada.ca/file/foundation.css
IP 91.229.90.157:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ecfa358523b89d4177ab5ef79e1034b9
1588304a284720f99380c5918496d9c39d78c7fd
aaeb42674f952520497dfb75f25aa78f1b4e1caf53ce50afd5629edf89e0b0e2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/foundation.css HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "18d9e-6319aefc-729f52aa184c62d7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 20922
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/normalize.css
91.229.90.157200 OK 995 B URL HTTP/2 adjustpostcanada.ca/file/normalize.css
IP 91.229.90.157:0
File type ASCII text, with very long lines (2011)
Hash fb47db9a73e62c29983c97245ff1a0b1
1d8e7bd48874522b8979c9ab2ae9ef09d3a6cf39
af66e48b3dde10dd39f871e0cd4326b1e3a5de75831584c7bab725c6bee03037
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/normalize.css HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "7dc-6319aefc-dbb20ec8d18c6fec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 995
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/cpc-main.css
91.229.90.157200 OK 106 kB URL HTTP/2 adjustpostcanada.ca/file/cpc-main.css
IP 91.229.90.157:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106391 bytes)
Hash 9d58a121cd7ad1bdd9538b2277109543
db0207b056b2b778b61fb6e990bf5ed3b3925026
d70ffbd592c403179b5912e0540969e4bacb22996f7eee7229914ae1406c2e91
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/cpc-main.css HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "73970-6319aefc-9e63af978274ea15;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 106391
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/tools.css
91.229.90.157200 OK 1.1 kB URL HTTP/2 adjustpostcanada.ca/file/tools.css
IP 91.229.90.157:0
File type ASCII text, with CRLF line terminators
Hash f5c6a9a90cfaa8d0029a002047a15424
f086faefa9b3253507e739bdc27a7f3e8f8af687
16e3163fa66145a0c0faab909279df764a8b0dce5ed8f8e76cde383f89da6b3b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/tools.css HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 09:18:46 GMT
etag: "c74-6319b376-17dd2ceb1f6a6a23;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1132
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/beacon.js
91.229.90.157200 OK 2.0 kB URL HTTP/2 adjustpostcanada.ca/file/beacon.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (3936)
Hash cc337805f6ac7780832182130c1a7df7
1bff753e2dd2c04f8491c222cba4a0def7a41b59
e9846109d7ee4d10d6f3fa458da8a7b992beca036eed5d461a466e3e08445d4f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/beacon.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "f61-6319aefc-4ef34e0f1aa52677;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1969
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/f.txt
91.229.90.157200 OK 20 kB URL HTTP/2 adjustpostcanada.ca/file/f.txt
IP 91.229.90.157:0
File type ASCII text, with very long lines (1623)
Hash 0dfb86abfc05e7ec1e890311b24c4a39
aa8a4c0e356fa9c6699f66d952bd5640b9b6b365
4382b1d5203f422b6bffaa6f9b52f406a86b12615fa7692d378c95d41baa9596
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/f.txt HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:40 GMT
etag: "a422-6319aefc-678e3bccf0801817;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 19595
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/insight.min.js
91.229.90.157200 OK 3.4 kB URL HTTP/2 adjustpostcanada.ca/file/insight.min.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (7751)
Hash 8db1005349ab554c09a98451fca04c6a
4e1318838a0869ebe3c0d6092042638044820b37
68b9c58408ccfcb50e671216c0f7d8bc868aa9a17ac5fc309c5f15b238f61ed0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/insight.min.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1e48-6319aefe-d9a01c5e5e58d7e0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3363
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/614267586032718
91.229.90.157404 Not Found 708 B URL HTTP/2 adjustpostcanada.ca/file/614267586032718
IP 91.229.90.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/614267586032718 HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/fbevents.js
91.229.90.157404 Not Found 708 B URL HTTP/2 adjustpostcanada.ca/file/fbevents.js
IP 91.229.90.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/fbevents.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/modernizr.js
91.229.90.157200 OK 5.9 kB URL HTTP/2 adjustpostcanada.ca/file/modernizr.js
IP 91.229.90.157:0
File type Unicode text, UTF-8 text, with very long lines (12268)
Hash 45160d49cd70dfe6668255a450fdc0ee
dc6eaef70081628ded73ae5e04ad1993e7ff212e
31ad73b5011ba424c06fa79b72a8738c69db877c3203e1bedd6ff55e18d1d267
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/modernizr.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "30f0-6319aefe-74ec2494eca02e39;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5906
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/foundation.reveal.js
91.229.90.157200 OK 5.1 kB URL HTTP/2 adjustpostcanada.ca/file/foundation.reveal.js
IP 91.229.90.157:0
Hash 423a71ff03b19e39f33eec3ae8c9c31f
fd757da4b47c842ee4f1bac9cc5d5452a032b00f
e65f608f6c442d9dad3dd67feae03d90942bb211bba47e6c8b085e5e15641d9d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/foundation.reveal.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "4135-6319aefe-5b6c01a55f4cbf56;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5086
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/tools.js
91.229.90.157200 OK 122 B URL HTTP/2 adjustpostcanada.ca/file/tools.js
IP 91.229.90.157:0
Hash 0a55a61bc65245a773a3253aaf81e4f6
a2fd9ce6d25635b2138e640956c41fd65652f792
1e35a7196a71189199f08214fa6a5226661be7437810c6851a75e80e26bbe112
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/tools.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "7a-6319aefe-28167746ff8d5717;;;"
accept-ranges: bytes
content-length: 122
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/postal-guide.css
91.229.90.157200 OK 219 B URL HTTP/2 adjustpostcanada.ca/file/postal-guide.css
IP 91.229.90.157:0
Hash 2ee5ed7bd5030d2f8dce54670cf71745
5bfe846bb5ae8bfcb6246274559bea3cab9c8d78
43c1972f25c54d62c69c95d129d60ad4ac4c5b56cbd125e83169fd43fabffc7b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/postal-guide.css HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 09:26:50 GMT
etag: "177-6319b55a-3e9abaf51a4e502a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 219
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/styles.css
91.229.90.157200 OK 16 kB URL HTTP/2 adjustpostcanada.ca/file/styles.css
IP 91.229.90.157:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b9a0b278b86c1dfa2284228bf00c6260
2fc88034544b6640a1095db0a2ab2d6d55bf2b85
72cff4200659ac6b8367aacd599eded7d951844cda65f80ee6276ca24102e9e7
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/styles.css HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "126b5-6319aefe-ac1e271b5af1f18c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16124
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/f(1).txt
91.229.90.157200 OK 1.2 kB URL HTTP/2 adjustpostcanada.ca/file/f(1).txt
IP 91.229.90.157:0
File type ASCII text, with very long lines (2402), with no line terminators
Hash 393ec35ff90e2758dbf9b112b9e06c5b
178c5426f0a547309a5ce601646d1e79d1508245
b49610c94d468aace72779c9c223d56e2a2a03215fd2d28991b2ad7c2d3f3cfe
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/f(1).txt HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "962-6319af00-ec0c667e88d8c3f7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1162
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/f(2).txt
91.229.90.157200 OK 1.3 kB URL HTTP/2 adjustpostcanada.ca/file/f(2).txt
IP 91.229.90.157:0
File type ASCII text, with very long lines (2744), with no line terminators
Hash 25a715e415123b59970ee567f2ff8056
5c9c27a60f25c5b8b0d8fad5b479c142dbdb71cb
5f2dfb910f7a71259bff4050eac52dc3c7fd0a3cc00486e28ae008fbf719c67d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/f(2).txt HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "ab8-6319af00-f02c2947674850a7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1255
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/f(3).txt
91.229.90.157200 OK 1.2 kB URL HTTP/2 adjustpostcanada.ca/file/f(3).txt
IP 91.229.90.157:0
File type ASCII text, with very long lines (2404), with no line terminators
Hash c75b6adc2c5861cd765bb75bc2365c0e
c22c68bdb2d2eb2a43c038e95af1fff3b901c11c
6f176d7bad9c26dfdc11a8381ebddb1f3de68f5dcdad4b8bc54aadd6512ed02d
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/f(3).txt HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "964-6319af00-55a8a08afe393ab5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1156
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/11.4dc17d50d8eb18566aef.chunk.js
91.229.90.157200 OK 25 kB URL HTTP/2 adjustpostcanada.ca/file/11.4dc17d50d8eb18566aef.chunk.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (62147), with no line terminators
Hash af0ab8a976a04ea08c013ede72384e73
cc9137efa5cdc5e647f9c506e10ca3efa18032b3
f5ff7c8fd6f5b22a2f7e48fdd304ee0209e2a5cf95edb5a2e090fdb6ea69bbe2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/11.4dc17d50d8eb18566aef.chunk.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "f2c3-6319af00-787b962ff3946e74;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 24839
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/4.44a799399bc4cc3dbe48.chunk.js
91.229.90.157200 OK 898 B URL HTTP/2 adjustpostcanada.ca/file/4.44a799399bc4cc3dbe48.chunk.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (1754), with no line terminators
Hash 1268bd975575d5969b4043e17d2fba23
426c61e0634245b49d08ee91458b848b37b1191c
cccd50c685ee0ca9e9a98ffba83d0d92064356d634deabf2939fb874e641937c
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/4.44a799399bc4cc3dbe48.chunk.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "6da-6319af00-d2a320331e4f9861;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 898
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/1.0f15e3ad6ddcff4e902e.chunk.js
91.229.90.157200 OK 8.3 kB URL HTTP/2 adjustpostcanada.ca/file/1.0f15e3ad6ddcff4e902e.chunk.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (28797), with no line terminators
Hash 27fd6de3338ea6c0e6f716a8fe649dad
d54ac7b394e2e053ed72db701aee595513cd6968
df28452c55e330461aa0e5c5778a7d33b58ea911e3fd1460ae9fe0af650dcf51
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/1.0f15e3ad6ddcff4e902e.chunk.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "707d-6319af00-62fb37a19714e68b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8314
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/uwt.js
91.229.90.157200 OK 22 kB URL HTTP/2 adjustpostcanada.ca/file/uwt.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash db2c157d6cc3fab7a1fda4ab2d05d979
e08005545c250c9211619a318e73b97cecc82af6
33340d1e06484b7a9e881f46816c9dd2533ba24d3905c28c3c63fbd3b6d728f2
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/uwt.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "e063-6319aefe-f09262f09a589add;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21688
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eQFdJ1iDJeVK5tCsFHnAoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QQ7szVfK44IyDbn57mK7Sym6IsE=
adjustpostcanada.ca/file/foundation.min.js
91.229.90.157200 OK 37 kB URL HTTP/2 adjustpostcanada.ca/file/foundation.min.js
IP 91.229.90.157:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (32024)
Hash f1b6d980c1b561066911d156489898c0
cd16908a596733dbda17291e685ce9c10c6c97da
8d5e71c86b4871e2eae33ebfdd220a275f9bc4a5012ae3b18b727729a0d01653
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/foundation.min.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "190a5-6319aefe-8e3440833ffcca38;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 36779
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
91.229.90.157200 OK 36 kB URL HTTP/2 adjustpostcanada.ca/file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (32768)
Hash 06f4f95ab30fcb0c8dfdd2efe22a5dec
b8c2ccbfdb8a94770ffa1f0e6e06b40ca2ab86fe
eba4ca63e1147de229e605ca8d2989f990cb1337bfa0fd55d92e18c1f9b0233f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "14b27-6319aefe-177566c83c9a1d65;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 36399
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/js(3)
91.229.90.157200 OK 107 kB URL HTTP/2 adjustpostcanada.ca/file/js(3)
IP 91.229.90.157:0
File type ASCII text, with very long lines (1615)
Size 107 kB (106890 bytes)
Hash 2872c8c0b367893cac4105e87dded92e
cc7495ce29491f93ce061609a1d0dfaed72bf58c
be497bd6cee5b026521ce6eb3c7937c84a02a83403a0417de3972f31116a4275
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/js(3) HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1a18a-6319aefe-662257bc6b73e089;;;"
accept-ranges: bytes
content-length: 106890
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/analytics.js
91.229.90.157200 OK 1.4 kB URL HTTP/2 adjustpostcanada.ca/file/analytics.js
IP 91.229.90.157:0
File type exported SGML document, ASCII text, with very long lines (832)
Hash 910fb242023a230516a0fb4a832ec55a
c1dee3dd93ed3b36289983ff28366be3a72b479b
34639c7c4dddbebb37789413b1cd2e2e747ca9666d64a3efb8b366bcd12ef721
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/analytics.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "134d-6319af04-790c9431e6690518;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1408
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/js(1)
91.229.90.157200 OK 107 kB URL HTTP/2 adjustpostcanada.ca/file/js(1)
IP 91.229.90.157:0
File type ASCII text, with very long lines (1615)
Size 107 kB (106924 bytes)
Hash 8db76da2ae8557f5ac7918807a8cfc0f
0538f9cd042428fb0552c10eb38eba3768f55bab
2a181651938ec7f59a29a52a9998392778602ae653f3ae7911de845986407e3f
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/js(1) HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1a1ac-6319aefe-36923871ad754e99;;;"
accept-ranges: bytes
content-length: 106924
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
91.229.90.157200 OK 220 kB URL HTTP/2 adjustpostcanada.ca/file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (32759)
Size 220 kB (219464 bytes)
Hash 73023651793ae1a66130e7bd90abcf75
edba155a03f1ce3f47a6044753431c33b401d86c
9f20783db1012eda49398993e598759df6068e38fb68f42c0607fb532680196b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "96be1-6319aefe-5c21d7be0f3265c6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 219464
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/cpc-main-logo.svg
91.229.90.157200 OK 4.4 kB URL HTTP/2 adjustpostcanada.ca/file/cpc-main-logo.svg
IP 91.229.90.157:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (730)
Hash 7fc2f945db9a6c10452a18e2fb92bd30
e475feef4386402d5cbf33f8a38b17c1c5e66fb0
acb22ee1d5ce6a1c38ca05e244e1ee0cbbb542129afb5bcc11b0624d3f38ad2a
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/cpc-main-logo.svg HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "3037-6319af00-9369afd9bfb4cb8a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4448
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/cpc-logo.svg
91.229.90.157200 OK 643 B URL HTTP/2 adjustpostcanada.ca/file/cpc-logo.svg
IP 91.229.90.157:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash df833f86ada6b6b5c2ab913f76a8fdf6
a8597a83f5c06de28ea27ade309ecab2d1d49b91
def3a80251ace03c22a14d01843f43a094a66af9ceb3dca11c7e9af9c0d42049
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/cpc-logo.svg HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "3aa-6319af00-dfc40a879b447220;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 643
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/search.svg
91.229.90.157200 OK 231 B URL HTTP/2 adjustpostcanada.ca/file/search.svg
IP 91.229.90.157:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash e71d66200332fb2074c6eb30b3e6d8fc
5cc824a4a6282ed31dda41a64f64ee9820133e0a
a2c9675a12b9534e0653ecc6596148aa77fa3f8ea6421608f3031501726933dc
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/search.svg HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:44 GMT
etag: "140-6319af00-90a376f52a6f80cf;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 231
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/gov-canada-logo.svg
91.229.90.157200 OK 6.2 kB URL HTTP/2 adjustpostcanada.ca/file/gov-canada-logo.svg
IP 91.229.90.157:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2441)
Hash 1193ef2e5520c2168178eeaaa10dc6d3
330b20b7ef34e2be66827104970fa14eabc5e8f8
3f51e3a8aa85ec9fcf0f085f36a5d520b3d08d4a2598635a7eef659d1cff63f6
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/gov-canada-logo.svg HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "37b3-6319af04-80d65005d936a89d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6245
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/adsct
91.229.90.157200 OK 43 B URL HTTP/2 adjustpostcanada.ca/file/adsct
IP 91.229.90.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/adsct HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "2b-6319af04-2bceddb3263e0095;;;"
accept-ranges: bytes
content-length: 43
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/adsct(1)
91.229.90.157200 OK 43 B URL HTTP/2 adjustpostcanada.ca/file/adsct(1)
IP 91.229.90.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/adsct(1) HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "2b-6319af04-c3b66fd3bfa79b9f;;;"
accept-ranges: bytes
content-length: 43
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/saved_resource
91.229.90.157200 OK 7.3 kB URL HTTP/2 adjustpostcanada.ca/file/saved_resource
IP 91.229.90.157:0
File type ASCII text, with very long lines (6801)
Hash fde0df82113bedc394515cb3fb9b9c06
1e20cf816b890a02e28e8302a93f253cfc2b04e1
0b4b7dfd734b2da1c4989692d27d514c18c0f7c452125db673dfe9e133b4f56b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/saved_resource HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "1c86-6319af04-c397bc49ebf9b0b7;;;"
accept-ranges: bytes
content-length: 7302
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/CoreModule.js
91.229.90.157200 OK 42 kB URL HTTP/2 adjustpostcanada.ca/file/CoreModule.js
IP 91.229.90.157:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fd4e2e947aaee37543ef893459e0b58a
44ca11f4c25d63c1ee35f5c5e09ddc6d7bef2f28
5f80d9eb1e498fea9ca1847ddf3f6742cbd45ec24877f706350d9b75ef503560
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/CoreModule.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "197ac-6319af04-15ec63a3eb723039;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 41452
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
Hash f7aac8b51f18b4e1642d72b42601d559
988b533169428ed7b3bcb63473916911ea229df8
ae6a3ad48e6b72d07523db96d6262dfdb4e101957b856a5e146264e23c2e9f4d
GET /css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 15:10:14 GMT
date: Wed, 07 Dec 2022 15:10:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash abfe375096bfad484cdbeca1076184cd
41a864ca85b8798975b0bab4891129ff76f4fd55
6e89ad7525e4268ae0dc2f35741b2b3594f91e3242e576bedf6566d03fd09628
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3046
Cache-Control: max-age=143249
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:14 GMT
Etag: "63902d81-1d7"
Expires: Fri, 09 Dec 2022 06:57:43 GMT
Last-Modified: Wed, 07 Dec 2022 06:06:57 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
2.18.172.233200 OK 29 kB URL HTTP/2 assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32768)
Hash 6dfcf60bb5658880c8e992bf1dbc87f1
d9ca4a3418547e13ea676f89ebb396698bbc8d4d
ef2a249ff0a3c5ada19a94f9c7b62014f5e5957a0e17695fd3b6d3d9ce406e32
GET /0ccf8b9a711f/6e634e5f652e/375d62bfc4b5/EXceb9b11658e548b18c0f3a95e66448d9-libraryCode_source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ba6bf7eaba51cdf2a7931c5056449aa7:1662066393.427966"
last-modified: Thu, 01 Sep 2022 21:06:33 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Wed, 07 Dec 2022 16:10:14 GMT
date: Wed, 07 Dec 2022 15:10:14 GMT
content-length: 28612
access-control-allow-origin: https://adjustpostcanada.ca
timing-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9852050
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 25cafad9917129eb8e7d16c5b69f5fbf
ba1c269a7b452bb3f265bdc44204c1d20264d465
2364fa8db12aad9b5d6cb1209814ebdf310e04a7b95cd11bb2a40be0688f3a67
GET /gtag/js?id=DC-9852050 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 15:10:14 GMT
expires: Wed, 07 Dec 2022 15:10:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 588959
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 85c6637ab7f5e7c8ce2e2e94f030f323
6d0901f4bdd32673037508d55e1cf12e4643012c
b73d32165bf73690f6cf45364e5bd45816088b2102c8c02028ffd38c3620d39f
GET /gtag/js?id=DC-9852050&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 15:10:14 GMT
expires: Wed, 07 Dec 2022 15:10:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 588959
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 588978
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3073fc87d7f01d39f4848abd944fea2
f9300512bc994c92fa113228a26e653dd3bb5a7e
581ffd00ac7500c78eac3b09b2345153720dda6a42e44b8ed30d58c45a08a8af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4208
Cache-Control: max-age=163868
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:15 GMT
Etag: "63907983-1d7"
Expires: Fri, 09 Dec 2022 12:41:23 GMT
Last-Modified: Wed, 07 Dec 2022 11:31:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1670425814422
99.80.8.77302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1670425814422
IP 99.80.8.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1670425814422 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://adjustpostcanada.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0e1730cee.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1670425814422
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=17034504724074500181469830049538514839; Max-Age=15552000; Expires=Mon, 05 Jun 2023 15:10:15 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: UC0PjgBnRog=
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1670425814422
99.80.8.77200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1670425814422
IP 99.80.8.77:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1670425814422 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adjustpostcanada.ca
Content-Type: application/x-www-form-urlencoded
Referer: https://adjustpostcanada.ca/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://adjustpostcanada.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: xf3wfBwKTmE=
Content-Length: 124
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 843574925856c607212d73166d773069
28a52586360914b2baf3dd3158e6f58963e2ae24
8e32ffcfd82bdf4619ad15f3422eeb04d0cadc4f381482ac17409cd41eca2091
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=143453
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:15 GMT
Etag: "63903a34-1d7"
Expires: Fri, 09 Dec 2022 07:01:08 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:08 GMT
Server: nginx
Content-Length: 471
sslstats.canadapost.ca/id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1670425814881
13.36.218.177200 OK 48 B URL HTTP/2 sslstats.canadapost.ca/id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1670425814881
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 53d5ae3896b1d12a3a35eaeea51888e0
5e0fa452b135fd0142e04c96a3af07bcdc641e9c
d28bdff7dae2f603a08785eaf6e6b43a0a6aeabd1de5fc093e4b82290dd49bbe
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&ts=1670425814881 HTTP/1.1
Host: sslstats.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://adjustpostcanada.ca
access-control-allow-credentials: true
date: Wed, 07 Dec 2022 15:10:15 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_0C4E3704533345770A490D44%40AdobeOrg=0%7CMCMID%7C35330354211885083414111288506905747423; Path=/; Domain=canadapost.ca; Max-Age=63072000; Expires=Fri, 06 Dec 2024 15:10:10 GMT;
s_ecid=MCMID%7C35330354211885083414111288506905747423; Path=/; Domain=canadapost.ca; Max-Age=63072000; Expires=Fri, 06 Dec 2024 15:10:10 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
104.88.13.190200 OK 382 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Hash b86b3f712d7d1224f22ce80ab788d8bc
1015427d965943c5acfda2a2b96174c96a30e715
827930f77d0aee840f92563e8da302b30e9f0b196f923edd0f6305faf4ae7df0
GET /cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a638-2d4"
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 07:01:32 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 382
Date: Wed, 07 Dec 2022 15:10:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
104.88.13.190200 OK 218 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash d3a621feba2c9afadc8e74c4f71021e1
5364a043f80e5dcbc81b81e86d406eedfc1b69a4
9616a4bbe31bf59f3ec6fd4a9f237bfb89d3424a45238b625b7f1620377d5401
GET /cpc/assets/cpc/img/icons/search.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a621-140"
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 08:27:21 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 218
Date: Wed, 07 Dec 2022 15:10:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=35330354211885083414111288506905747423&ts=1670425815124
99.80.8.77200 OK 306 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=35330354211885083414111288506905747423&ts=1670425815124
IP 99.80.8.77:0
File type JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Hash d8348ac5583f44af95f1c4dc9376cfa6
79ae8ae14da900cd983b0047b32e26d3322d2093
7d5a0185fee2c9d4b41a859dbbd5e4e9de594caeed01fb536e52e5ee95abd3d9
GET /id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&d_mid=35330354211885083414111288506905747423&ts=1670425815124 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://adjustpostcanada.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0cc0feb7f.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=35351357468025640104109170554951478976; Max-Age=15552000; Expires=Mon, 05 Jun 2023 15:10:15 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: JfyKNptCSuo=
Content-Length: 306
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 07 Dec 2022 16:08:40 GMT
Date: Wed, 07 Dec 2022 15:10:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 07 Dec 2022 16:08:40 GMT
Date: Wed, 07 Dec 2022 15:10:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 07 Dec 2022 16:08:40 GMT
Date: Wed, 07 Dec 2022 15:10:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3505
Expires: Wed, 07 Dec 2022 16:08:40 GMT
Date: Wed, 07 Dec 2022 15:10:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 66041
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 23844
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98d2cf29c710d25bd2f03ff216fdd369
b8eb2e11f9655f19334befc036f21489a6473827
614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
content-type: image/jpeg
age: 61976
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 62195
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:15:11 GMT
age: 24904
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: 251c6fba-4018-4674-9ed2-1fe580ff63bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cuuFMHMjIAMFW1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638f5d54-5a4bb6a773286249356763a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 15:18:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HWrufMiBYEvPInofSrv3jAoTRazjXPKyoSNPuSq1gI09f_-7rAtpeg==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:29:48 GMT
age: 60027
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 871032c965ee2e062d179e1972c558da
51a5848aae6594973408ae821454b2b2b3cd4145
cb3d9b55f8b6c93a1ecf1c7b0679d887257df8522970471763c13c23bc514d22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5821
Cache-Control: max-age=101034
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:15 GMT
Etag: "638f7dc4-1d7"
Expires: Thu, 08 Dec 2022 19:14:09 GMT
Last-Modified: Tue, 06 Dec 2022 17:37:08 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=cb498d59293846938fe05e9f966417f1&mboxPC=&mboxPage=5f5107bcb8834090b6c6b5800ba658e4&mboxRid=9697fd27028e4e1abcbe687051644c0d&mboxVersion=1.8.3&mboxCount=1&mboxTime=1670425814471&mboxHost=adjustpostcanada.ca&mboxURL=https%3A%2F%2Fadjustpostcanada.ca%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=24998234B85D8A52-339EE3F80043B009&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=35330354211885083414111288506905747423
54.77.61.2200 OK 96 B URL HTTP/2 canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=cb498d59293846938fe05e9f966417f1&mboxPC=&mboxPage=5f5107bcb8834090b6c6b5800ba658e4&mboxRid=9697fd27028e4e1abcbe687051644c0d&mboxVersion=1.8.3&mboxCount=1&mboxTime=1670425814471&mboxHost=adjustpostcanada.ca&mboxURL=https%3A%2F%2Fadjustpostcanada.ca%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=24998234B85D8A52-339EE3F80043B009&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=35330354211885083414111288506905747423
IP 54.77.61.2:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9d47c0b9aeb6c4c1fe0680a11873e754
65410562f8563430eb4115997a556fbc885cc343
41135b76851d05db563edc47278322e05d685f5617b3f7097f4d4ae8026d85c7
GET /m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=cb498d59293846938fe05e9f966417f1&mboxPC=&mboxPage=5f5107bcb8834090b6c6b5800ba658e4&mboxRid=9697fd27028e4e1abcbe687051644c0d&mboxVersion=1.8.3&mboxCount=1&mboxTime=1670425814471&mboxHost=adjustpostcanada.ca&mboxURL=https%3A%2F%2Fadjustpostcanada.ca%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=24998234B85D8A52-339EE3F80043B009&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=35330354211885083414111288506905747423 HTTP/1.1
Host: canadapost.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 15:10:15 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://adjustpostcanada.ca
access-control-allow-credentials: true
x-request-id: 9697fd27028e4e1abcbe687051644c0d
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s9882482844098?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%2015%3A10%3A15%203%200&sdid=24998234B85D8A52-339EE3F80043B009&mid=35330354211885083414111288506905747423&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fadjustpostcanada.ca%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=adjustpostcanada.ca&events=event96%3D14&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=adjustpostcanada.ca&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=adjustpostcanada.ca&v24=adjustpostcanada.ca&v30=D%3Dv122&c34=10%3A00&v34=10%3A00&c35=Wednesday&v35=Wednesday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fadjustpostcanada.ca%2F&c72=14&v85=Wednesday%202022-12-7&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s9882482844098?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%2015%3A10%3A15%203%200&sdid=24998234B85D8A52-339EE3F80043B009&mid=35330354211885083414111288506905747423&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fadjustpostcanada.ca%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=adjustpostcanada.ca&events=event96%3D14&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=adjustpostcanada.ca&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=adjustpostcanada.ca&v24=adjustpostcanada.ca&v30=D%3Dv122&c34=10%3A00&v34=10%3A00&c35=Wednesday&v35=Wednesday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fadjustpostcanada.ca%2F&c72=14&v85=Wednesday%202022-12-7&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/canadapostcapool/1/JS-2.5.0-LCUM/s9882482844098?AQB=1&ndh=1&pf=1&t=7%2F11%2F2022%2015%3A10%3A15%203%200&sdid=24998234B85D8A52-339EE3F80043B009&mid=35330354211885083414111288506905747423&aamlh=6&ce=UTF-8&ns=canadapost&cdp=2&fpCookieDomainPeriods=2&pageName=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool&g=https%3A%2F%2Fadjustpostcanada.ca%2F&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&ch=psi&server=adjustpostcanada.ca&events=event96%3D14&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&h1=psi&c3=D%3DpageName&v3=D%3DpageName&c8=adjustpostcanada.ca&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=adjustpostcanada.ca&v24=adjustpostcanada.ca&v30=D%3Dv122&c34=10%3A00&v34=10%3A00&c35=Wednesday&v35=Wednesday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fadjustpostcanada.ca%2F&c72=14&v85=Wednesday%202022-12-7&v122=anonymous&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1 HTTP/1.1
Host: sslstats.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Wed, 07 Dec 2022 15:10:15 GMT
expires: Tue, 06 Dec 2022 15:10:15 GMT
last-modified: Thu, 08 Dec 2022 15:10:15 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3587212124602368000-4619822805210662341
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
canadapost.demdex.net/dest5.html?d_nsid=0
54.195.228.119200 OK 2.8 kB URL HTTP/1.1 canadapost.demdex.net/dest5.html?d_nsid=0
IP 54.195.228.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: canadapost.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 7 Dec 2022 15:10:15 GMT
DCS: dcs-prod-irl1-1-v045-07e4ed132.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: gzVLq74PQgc=
Content-Length: 2791
Connection: keep-alive
www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/favicon.ico
104.88.13.190200 OK 15 kB URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/logos/favicon.ico
IP 104.88.13.190:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b97eafae41beb90b3c3279fb07fdbc45
705234c0d283026cd13a35df046840f0aad05003
79abb9bc30ff5a68612b4e0967806186ed604f2dea0113e41e6069d6673b8a2b
GET /cpc/assets/cpc/img/logos/favicon.ico HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 15086
Content-Type: image/x-icon
ETag: "596e5822-3aee"
Last-Modified: Tue, 18 Jul 2017 18:49:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Tue, 11 Oct 2022 15:27:28 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Date: Wed, 07 Dec 2022 15:10:16 GMT
Connection: keep-alive
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.57200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.57:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=68588
date: Wed, 07 Dec 2022 15:10:16 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3997eecb2beabb0dcc80c85bf66ccfbb
10a53e3c4b7834a6e4ab244530b5eb19121c8c18
3c95bd4c9fb9f1db10f8354c2ea1a341fe3d5ba9c21619b9c4013fe2df482815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
216.58.211.4200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 216.58.211.4:0
File type ASCII text, with very long lines (1654)
Hash a230d90d4cbc810710479aa22bf8e7d7
6cf80adbb744cea7f99dceeb4895de23c9f7ad26
291b67426b9fa61219253b7c6ccfe3c85a67ca150de809edb029f1ea3fdbfb97
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Dec 2022 15:10:16 GMT
expires: Wed, 07 Dec 2022 15:10:16 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7620521014390440643
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3997eecb2beabb0dcc80c85bf66ccfbb
10a53e3c4b7834a6e4ab244530b5eb19121c8c18
3c95bd4c9fb9f1db10f8354c2ea1a341fe3d5ba9c21619b9c4013fe2df482815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3997eecb2beabb0dcc80c85bf66ccfbb
10a53e3c4b7834a6e4ab244530b5eb19121c8c18
3c95bd4c9fb9f1db10f8354c2ea1a341fe3d5ba9c21619b9c4013fe2df482815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977731&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2483747102&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.hk/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1662540977733&cv=9&fst=1662537600000&num=1&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1313587183&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.com.hk/pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1662540977732&cv=9&fst=1662537600000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1440&u_w=2560&u_ah=1400&u_aw=2560&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=5&u_nmime=2>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fcpc%2Fen%2Ftools%2Fpostal-indicia.page&tiba=Postal%20indicia%20tool%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2097440824&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.com.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1670425814038&url=https%3A%2F%2Fadjustpostcanada.ca%2F
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1670425814038&url=https%3A%2F%2Fadjustpostcanada.ca%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1670425814038&url=https%3A%2F%2Fadjustpostcanada.ca%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&0ae5dfb0-e3f4-4e5d-8a6c-e01b96591f1c"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 07-Dec-2023 15:10:16 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2449:u=1:x=1:i=1670425816:t=1670512216:v=2:sig=AQFaToFa7dg39wj3LRAMogjNAL4-GCTN"; Expires=Thu, 08 Dec 2022 15:10:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXvPlFlL3e1M8quZJBC/Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B6299CBB3BFB41E9A8D0108228B0D1DD Ref B: OSL30EDGE0415 Ref C: 2022-12-07T15:10:16Z
date: Wed, 07 Dec 2022 15:10:16 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3997eecb2beabb0dcc80c85bf66ccfbb
10a53e3c4b7834a6e4ab244530b5eb19121c8c18
3c95bd4c9fb9f1db10f8354c2ea1a341fe3d5ba9c21619b9c4013fe2df482815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adjustpostcanada.ca/file/saved_resource.html
91.229.90.157200 OK 26 kB URL HTTP/2 adjustpostcanada.ca/file/saved_resource.html
IP 91.229.90.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32924)
Hash bd35c29135a1af2708922bce6bdc10eb
bf4d2621c0aa9f0366b4db67fc59699462ab3e18
79296535da9a03c5824e273b2c290ffbb8425c271a8855dab876f80a8bac4b42
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/saved_resource.html HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19334%7CvVersion%7C5.2.0; _gcl_au=1.1.43699585.1670425814; at_check=true; s_vnc7=1671030614468%26vn%3D1; s_ivc=true; mbox=session#cb498d59293846938fe05e9f966417f1#1670427675
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 08 Sep 2022 09:31:06 GMT
etag: "dfa8-6319b65a-3094c7c5d1f9cb80;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 26501
date: Wed, 07 Dec 2022 15:10:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/tools_chevron.svg
91.229.90.157200 OK 1.2 kB URL HTTP/2 adjustpostcanada.ca/file/tools_chevron.svg
IP 91.229.90.157:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (443)
Hash 31042bee295d59e22e5b20bced44b471
cf537ec24af539f9efbf896c6a17a526f201f680
393bc7ef57877b4038d74f319b27953f00edac0a5b08a3089d8e822dba2efa61
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/tools_chevron.svg HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/file/tools.css
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19334%7CvVersion%7C5.2.0; _gcl_au=1.1.43699585.1670425814; at_check=true; s_vnc7=1671030614468%26vn%3D1; s_ivc=true; mbox=session#cb498d59293846938fe05e9f966417f1#1670427675
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:16 GMT
content-type: image/svg+xml
last-modified: Thu, 08 Sep 2022 00:24:54 GMT
etag: "cf2-63193656-c08d40852029089d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1244
date: Wed, 07 Dec 2022 15:10:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/stylesheet.css
91.229.90.157200 OK 46 kB URL HTTP/2 adjustpostcanada.ca/file/stylesheet.css
IP 91.229.90.157:0
File type Unicode text, UTF-8 text, with very long lines (559)
Hash ecf97ec8eb7cac32cfac8895eedc180c
23876e544c83043314cfd04300cadd25db5b6fcb
5cc44c0105308979daea3e15c524a33ad3a5949e23533a843590408df0f9365b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/stylesheet.css HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/file/saved_resource.html
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298; AMCV_0C4E3704533345770A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C19334%7CMCMID%7C35330354211885083414111288506905747423%7CMCAID%7CNONE%7CMCOPTOUT-1670433015s%7CNONE%7CMCAAMLH-1671030615%7C6%7CMCAAMB-1671030615%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CvVersion%7C5.2.0; _gcl_au=1.1.43699585.1670425814; at_check=true; s_vnc7=1671030614468%26vn%3D1; s_ivc=true; mbox=session#cb498d59293846938fe05e9f966417f1#1670427676|PC#cb498d59293846938fe05e9f966417f1.37_0#1733670616; s_gpv_url=https%3A%2F%2Fadjustpostcanada.ca%2F; QSI_HistorySession=https%3A%2F%2Fadjustpostcanada.ca%2F~1670425814813; AMCVS_0C4E3704533345770A490D44%40AdobeOrg=1; s_nr=1670425815427-New; gpv_v4=cpc.ca%3A%20%3E%20en%20%3E%20common%20%3E%20psi%20%3E%20Postal%20indicia%20tool; s_lv=1670425815427; s_lv_s=First%20Visit; s_ppvl=%5B%5BB%5D%5D; s_ppv=cpc.ca%253A%2520%253E%2520en%2520%253E%2520common%2520%253E%2520psi%2520%253E%2520Postal%2520indicia%2520tool%2C46%2C46%2C939%2C1280%2C939%2C1280%2C1024%2C1%2CL; s_cc=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:16 GMT
content-type: text/css
last-modified: Thu, 08 Sep 2022 08:59:50 GMT
etag: "29454-6319af06-c05d36cc6e2eae85;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 45859
date: Wed, 07 Dec 2022 15:10:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 02e278057630aee0bd15f1c6bd14c571
bd6436929acb1187cb6ebd2205daebe7f48aa7b4
0a2e5fd760ba3403fa9e569d8e918f114c5287f8c9a8404637bcfa8a154accd1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171564
Date: Wed, 07 Dec 2022 15:10:16 GMT
Etag: "63909c9e-1d7"
Expires: Fri, 09 Dec 2022 14:49:40 GMT
Last-Modified: Wed, 07 Dec 2022 14:01:02 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Mco8xVeRNYvdVac4eEoE1liJervVJaVBV5ZcjIH6WtXiKoDo0-X6JA==
Age: 2918
sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1670425815736&ns_c=UTF-8&c7=https%3A%2F%2Fadjustpostcanada.ca%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9=
143.204.55.94204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1670425815736&ns_c=UTF-8&c7=https%3A%2F%2Fadjustpostcanada.ca%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9=
IP 143.204.55.94:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1670425815736&ns_c=UTF-8&c7=https%3A%2F%2Fadjustpostcanada.ca%2F&c8=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 07 Dec 2022 15:10:16 GMT
set-cookie: UID=198a939efa3ddce1651fab81670425816; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m_v9UfAZpDcUHy51FQbk90tYXy1FqpyC0IaHv4GNqhOvavc50so6Xg==
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=35351357468025640104109170554951478976
99.80.65.0302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=35351357468025640104109170554951478976
IP 99.80.65.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=35351357468025640104109170554951478976 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Wed, 07 Dec 2022 15:10:16 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y5Cs2AAAAGcUXQMx; Domain=.everesttech.net; Expires=Thu, 07-Dec-2023 15:10:16 GMT; Path=/
everest_session_v2=Y5Cs2AAAAGcUXgMx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Cs2AAAAGcUXQMx
Server: AMO-cookiemap/1.1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Cs2AAAAGcUXQMx
99.80.8.77302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y5Cs2AAAAGcUXQMx
IP 99.80.8.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y5Cs2AAAAGcUXQMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adjustpostcanada.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-08dd6474c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Cs2AAAAGcUXQMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=50404702635914229131445105016963579591; Max-Age=15552000; Expires=Mon, 05 Jun 2023 15:10:16 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: x3GgFPgMTio=
Content-Length: 0
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1670425815785&cv=9&fst=1670425815785&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 971 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1670425815785&cv=9&fst=1670425815785&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2253), with no line terminators
Hash 8c541744ecaf4648cdbd44288401b3e5
595e27e2f81d103318c029eea0a345c3bafe4a3e
d3f5e53d36b078ca920be01bf481202dbbd437278053a3f137b1cba6d2c8c3ce
GET /pagead/viewthroughconversion/1011747518/?random=1670425815785&cv=9&fst=1670425815785&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 971
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 15:25:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1670425815810&cv=9&fst=1670425815810&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 968 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1670425815810&cv=9&fst=1670425815810&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2257), with no line terminators
Hash f65208e1012eeb46bb8bcada03702427
c2ccb82b1648d352b2fd3648522f5046b4aca7c1
6b0faeede3adaa3b51063ce8e81e5506278a2b881f1c5c95fb67f506546dc886
GET /pagead/viewthroughconversion/10937558046/?random=1670425815810&cv=9&fst=1670425815810&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 968
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 15:25:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1670425815788&cv=9&fst=1670425815788&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1670425815788&cv=9&fst=1670425815788&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2597), with no line terminators
Hash 81200071450b8a52546490f677dedbfe
ba8f73b520e9359f7eb72a09abaf332dc937039f
7270ce2f4713742326b0ba036043675a3ab5e1c7d546f94941bdc732b2adc792
GET /pagead/viewthroughconversion/1011747518/?random=1670425815788&cv=9&fst=1670425815788&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1045
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 15:25:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1670425815797&cv=9&fst=1670425815797&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1670425815797&cv=9&fst=1670425815797&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2597), with no line terminators
Hash a268f9bb4fea9c6302154066f05dc1a4
cbac5b3f1955388258d4863ce3415f6d3b1b7f9c
03e4a1247588028e83dcdd638b2cdf7b060e76e6f2632ce5601bf0326736f158
GET /pagead/viewthroughconversion/1011747518/?random=1670425815797&cv=9&fst=1670425815797&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 15:25:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1670425815795&cv=9&fst=1670425815795&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 971 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1670425815795&cv=9&fst=1670425815795&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2255), with no line terminators
Hash ab72acd236c28d7a166755ec8e2b5523
542b30884e120422d7c2ea8908628e8404d37af3
e552cb3ba4f6a9ec10d8ce664ed323c8ceec90678728529e42534920bc660937
GET /pagead/viewthroughconversion/1011747518/?random=1670425815795&cv=9&fst=1670425815795&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 971
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 15:25:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1670425815806&cv=9&fst=1670425815806&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.66200 OK 973 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10937558046/?random=1670425815806&cv=9&fst=1670425815806&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (2255), with no line terminators
Hash c52a9c18d03e1ad6eaafcfa6236591cc
81d4826bfa0cc2015b3bf94251cab27d12d269e8
cddd4f09a67ea48ba7fd72540df1fda2f2145252b07cca0dff2c198c4933f9a3
GET /pagead/viewthroughconversion/10937558046/?random=1670425815806&cv=9&fst=1670425815806&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&auid=43699585.1670425814&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 973
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 15:25:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Cs2AAAAGcUXQMx
99.80.8.77200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Cs2AAAAGcUXQMx
IP 99.80.8.77:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5Cs2AAAAGcUXQMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adjustpostcanada.ca/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 9whH/LQ1SdI=
Content-Length: 59
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10937558046/?random=1670425815810&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=4005558072&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10937558046/?random=1670425815810&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=4005558072&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1670425815810&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=4005558072&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1670425815785&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=324649149&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1670425815785&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=324649149&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1670425815785&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=324649149&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1670425815795&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3118296424&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1670425815795&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3118296424&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1670425815795&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=3118296424&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1670425815788&cv=9&fst=1670425200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1037532949&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1670425815788&cv=9&fst=1670425200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1037532949&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1670425815788&cv=9&fst=1670425200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=1037532949&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/9198/domain/adjustpostcanada.ca/token
143.204.55.61200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/9198/domain/adjustpostcanada.ca/token
IP 143.204.55.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
OPTIONS /partner/9198/domain/adjustpostcanada.ca/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://adjustpostcanada.ca/
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Wed, 07 Dec 2022 15:10:16 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: amrgOdJoxyS8GywXq9sj_-u0-lMhOCRuPC7tizCQixX8U2ylK3fF4g==
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1011747518/?random=1670425815797&cv=9&fst=1670425200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2966102268&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1011747518/?random=1670425815797&cv=9&fst=1670425200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2966102268&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1011747518/?random=1670425815797&cv=9&fst=1670425200000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dpage_view%3Bclass%3Doptanon-category-C0004%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=2966102268&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10937558046/?random=1670425815806&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=430679583&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10937558046/?random=1670425815806&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=430679583&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10937558046/?random=1670425815806&cv=9&fst=1670425200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fadjustpostcanada.ca%2F&tiba=Schedule%20a%20Redlivery%20%7C%20Canada%20Post&async=1&fmt=3&is_vtc=1&random=430679583&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 15:10:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 15:10:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adjustpostcanada.ca/file/building_preview.gif
91.229.90.157200 OK 12 kB URL HTTP/2 adjustpostcanada.ca/file/building_preview.gif
IP 91.229.90.157:0
File type GIF image data, version 89a, 113 x 108\012- data
Hash 3c3ba37130de5fe15faf97c18908283e
c15b49cb09745a9939315132e18f2e40fa2ccf22
9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /file/building_preview.gif HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:17 GMT
content-type: image/gif
last-modified: Thu, 08 Sep 2022 08:59:48 GMT
etag: "3030-6319af04-40c231c3264b7d83;;;"
accept-ranges: bytes
content-length: 12336
date: Wed, 07 Dec 2022 15:10:17 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.209.240:0
GET /dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 15:10:17 GMT
content-type: application/javascript
cf-ray: 775e2fef6bf2b4f1-OSL
access-control-allow-origin: *
age: 26665
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"7380-1845383cf10"
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29568
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
143.204.55.94200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 143.204.55.94:0
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 07 Dec 2022 01:08:33 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rXONUhmYcz76VlAfSOM2wnzYkstHN75oXiOAtR8aqTVzqTsVWghniA==
age: 50506
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/jquery.js
91.229.90.157200 OK 0 B URL HTTP/2 adjustpostcanada.ca/file/jquery.js
IP 91.229.90.157:0
GET /file/jquery.js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 14 Dec 2022 15:10:14 GMT
content-type: application/javascript
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1b16c-6319aefe-7fd382a27cacff26;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 49513
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/9198/domain/adjustpostcanada.ca/token
143.204.55.61200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/9198/domain/adjustpostcanada.ca/token
IP 143.204.55.61:0
GET /partner/9198/domain/adjustpostcanada.ca/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Wed, 07 Dec 2022 15:10:16 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: B7JQbrjBIP42yZRulMYy5Wmkko0FO3be6i6fBPP7mbSLOzV_S7oD1Q==
X-Firefox-Spdy: h2
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fadjustpostcanada.ca%2F&t=1670425816854
104.17.209.240200 OK 0 B URL HTTP/2 zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fadjustpostcanada.ca%2F&t=1670425816854
IP 104.17.209.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fadjustpostcanada.ca%2F&t=1670425816854 HTTP/1.1
Host: zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 15:10:17 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 775e2fede96bb4f1-OSL
access-control-allow-origin: *
age: 29773
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-yCXSqeWNF3QQ5gWuVWm89QaDdXQ"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/js(2)
91.229.90.157200 OK 0 B URL HTTP/2 adjustpostcanada.ca/file/js(2)
IP 91.229.90.157:0
GET /file/js(2) HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "1c73d-6319aefe-b2ccf43572de11e3;;;"
accept-ranges: bytes
content-length: 116541
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
adjustpostcanada.ca/file/js
91.229.90.157200 OK 0 B URL HTTP/2 adjustpostcanada.ca/file/js
IP 91.229.90.157:0
GET /file/js HTTP/1.1
Host: adjustpostcanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Cookie: PHPSESSID=5a951d1c5b66135d5fbe43dc2ab16298
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:59:42 GMT
etag: "263c8-6319aefe-8c828267efc8941d;;;"
accept-ranges: bytes
content-length: 156616
date: Wed, 07 Dec 2022 15:10:14 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web
IP 104.17.209.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 81
Origin: https://adjustpostcanada.ca
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 15:10:15 GMT
content-type: application/json
cf-ray: 775e2fdfded0b4f1-OSL
access-control-allow-origin: https://adjustpostcanada.ca
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: e2f0e52827424112
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.209.240:0
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.76.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 15:10:15 GMT
content-type: application/javascript
cf-ray: 775e2fe0f85fb4f1-OSL
access-control-allow-origin: *
age: 21068
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19abd-182d0e95990"
last-modified: Wed, 24 Aug 2022 17:32:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105149
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.209.240200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.209.240:0
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adjustpostcanada.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 15:10:17 GMT
content-type: application/javascript
cf-ray: 775e2feeeb4bb4f1-OSL
access-control-allow-origin: *
age: 26664
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"19b73-1845383cf10"
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=105331
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2