aqualiayods6.com Open in urlscan Pro
62.97.80.27 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://postaloffice38.click/
Effective URL:
https://aqualiayods6.com/CA/TRACKING/
Submission: On September 19 via automatic, source certstream-suspicious (September 19th 2022, 8:55:10 pm UTC) — Scanned from DE

Summary HTTP 55 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 12 domains to perform 55 HTTP transactions. The main IP is 62.97.80.27, located in Madrid, Spain and belongs to COLT COLT Technology Services Group Limited, GB. The main domain is aqualiayods6.com.
TLS certificate: Issued by R3 on August 14th 2022. Valid for: 3 months.

This is the only time aqualiayods6.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canada Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	186.202.161.20 186.202.161.20	27715 (Locaweb S...) (Locaweb Servicos de Internet SA)
2 16	62.97.80.27 62.97.80.27	8220 (COLT COLT...) (COLT COLT Technology Services Group Limited)
2 6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 5	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 8	2a02:26f0:10e... 2a02:26f0:10e:3bc::1dc5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
55	11

1 186.202.161.20 (Brazil) 1 redirects

ASN27715 (Locaweb Servicos de Internet SA, BR)

postaloffice38.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 62.97.80.27 (Madrid, Spain) 2 redirects

ASN8220 (COLT COLT Technology Services Group Limited, GB)
PTR: plesk17.cloudimagar.com

aqualiayods6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

9852050.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:10e:3bc::1dc5 (Vienna, Austria) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.canadapost.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.canadapost-postescanada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	aqualiayods6.com 2 redirects aqualiayods6.com	1 MB
12	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 75	49 KB
7	doubleclick.net 4 redirects 9852050.fls.doubleclick.net — Cisco Umbrella Rank: 940283 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	4 KB
4	canadapost-postescanada.ca www.canadapost-postescanada.ca — Cisco Umbrella Rank: 119838	13 KB
4	canadapost.ca 4 redirects www.canadapost.ca — Cisco Umbrella Rank: 111670	1 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	37 KB
3	google.de 1 redirects adservice.google.de — Cisco Umbrella Rank: 9081 www.google.de — Cisco Umbrella Rank: 6352	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
1	postaloffice38.click 1 redirects postaloffice38.click	307 B
0	23323232-postescanada.ca Failed evaluation.23323232-postescanada.ca Failed
0	23323232.ca Failed www.23323232.ca Failed
55	12

	Domain	Requested by
16	aqualiayods6.com	2 redirects aqualiayods6.com
8	www.gstatic.com	www.google.com
6	www.google.com	2 redirects aqualiayods6.com
5	9852050.fls.doubleclick.net	2 redirects aqualiayods6.com adservice.google.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.canadapost-postescanada.ca	aqualiayods6.com
4	www.canadapost.ca	4 redirects
4	www.googleadservices.com	9852050.fls.doubleclick.net www.googleadservices.com
2	www.google.de	9852050.fls.doubleclick.net
2	googleads.g.doubleclick.net	2 redirects
2	fonts.googleapis.com	aqualiayods6.com
2	adservice.google.com	9852050.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	postaloffice38.click	1 redirects
0	evaluation.23323232-postescanada.ca Failed	aqualiayods6.com
0	www.23323232.ca Failed	aqualiayods6.com
55	16

This site contains links to these domains. Also see Links.

Domain
www.23323232.ca
sso-osu.23323232-postescanada.ca
www.c.ca
cpc.njoyn.com
jobs.23323232.ca
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
infopost.ca
mysite.23323232.ca
www.canada.ca

Subject Issuer	Validity	Valid
aqualiayods6.com R3	`2022-08-14` - `2022-11-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://aqualiayods6.com/CA/TRACKING/
Frame ID: E395D7FE6DF580CC5DFBA5462FCEEBC5
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Frame ID: 85F60114E99034766A6CBF62BF3D28EC
Requests: 3 HTTP requests in this frame

Frame: https://evaluation.23323232-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Page=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&Q_lang=EN&Q_CanScreenCapture=1
Frame ID: 0EAE993EBB359F73E6CC8CB5B9F570D3
Requests: 1 HTTP requests in this frame

Frame: https://9852050.fls.doubleclick.net/activityi;dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: 8ADCAECAC311D233F0295D6DE4450ADF
Requests: 1 HTTP requests in this frame

Frame: https://aqualiayods6.com/CA/TRACKING/
Frame ID: 315A0F6834815750DB4938C7EFCC7692
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Frame ID: 7D59DFBDEDE1BDEB8DE4B3F34B21C773
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: D7369A826C74EDD4FEFA98DD67A57EA1
Requests: 1 HTTP requests in this frame

Frame: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: F575AFCA56B656637EFADEB76C6450A7
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Frame ID: 7110849A8ADE80A7480185CA9F23006A
Requests: 3 HTTP requests in this frame

Frame: https://evaluation.23323232-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Page=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&Q_lang=EN&Q_CanScreenCapture=1
Frame ID: 50A0B343AB93B4506E0CE64F7E6DB440
Requests: 1 HTTP requests in this frame

Frame: https://9852050.fls.doubleclick.net/activityi;dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: 47EF613E3BA418FE334FCD2E2387BE4D
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Frame ID: 01B4F12775EEEBC71A27C8D686AC7D91
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

InformationFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTube

Page URL History Show full URLs

https://postaloffice38.click/ HTTP 302
https://aqualiayods6.com/CA/?CA=OKBB HTTP 302
https://aqualiayods6.com/CA/TRACKING HTTP 301
https://aqualiayods6.com/CA/TRACKING/ Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Page Statistics

55
Requests

75 %
HTTPS

69 %
IPv6

12
Domains

16
Subdomains

11
IPs

5
Countries

1413 kB
Transfer

1521 kB
Size

2
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://www.23323232.ca/dash-tableau/en
Title: My account

Search URL Search Domain Scan URL

URL: https://sso-osu.23323232-postescanada.ca/lfe-cap/en/forgot-username?&sourceUrl=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&targetUrl=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.23323232.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue
Title: Username?

Search URL Search Domain Scan URL

URL: https://sso-osu.23323232-postescanada.ca/lfe-cap/en/forgot-password?&sourceUrl=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&targetUrl=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.23323232.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue
Title: Password?

Search URL Search Domain Scan URL

URL: https://sso-osu.23323232-postescanada.ca/pfe-pap/en/registration?&sourceUrl=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&targetUrl=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.23323232.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue
Title: Register now

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/information/app/wtz/business/landedCost
Title: Estimate duties and taxes

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/information/app/wtz/business/findHsCode
Title: Find customs codes

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/information/app/cdc
Title: Complete customs form

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/track-reperage/en
Title: Track a package

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/info/mc/personal/postalcode/fpc.jsf
Title: Find a postal code

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/cpotools/apps/fpc/personal/findAnAddress
Title: Find an address

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/information/app/fpo/personal/findpostoffice
Title: Find a post office

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/cpotools/apps/fdl/business/findDepositLocation
Title: Find a drop-off location

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/business/tools/ds/default.aspx
Title: Find a delivery standard

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/sam/
Title: Snap Admail

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/partner/find.page
Title: Find a partner

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/pages/ncoa/default.page
Title: NCOA Mover Data

Search URL Search Domain Scan URL

URL: https://www.c.ca/web/en/kb/details.page?article=find_recognized_addr&cattype=kb&cat=addressing&subcat=software
Title: SERP – Software Evaluation and Recognition Program

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/kb/details.page?article=find_recognized_addr&cattype=kb&cat=addressing&subcat=software
Title: SERP – Software Evaluation and Recognition Program

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/products/details.page?article=forward_your_mail_wh
Title: Forward your mail

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/products/details.page?article=hold_mail
Title: Hold your mail

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/shop/shop.jsf
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/information/app/far/business/findARate
Title: Find a rate

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/blogs/collecting/list.page?cattype=collecting&cat=stamps
Title: Canadian stamp stories

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/cancels/list.page
Title: Pictorial cancels

Search URL Search Domain Scan URL

URL: https://cpc.njoyn.com/cgi/xweb/Xweb.asp?tbtoken=YF5dQBgXCG50YAcDNVFSCFA9A2FEcCVUe0hYIF4JExcpXkATWUttBhd1LiUuQC4kXgkbVhZST3AqWA%3D%3D&chk=dFlbQBJe&CLID=23060&page=joblisting&lang=1
Title: Apply for retail opportunities only

Search URL Search Domain Scan URL

URL: https://jobs.23323232.ca/go/Canada-Post-All-Current-Opportunities/2319117/
Title: Apply for current opportunities

Search URL Search Domain Scan URL

URL: https://www.facebook.com/23323232
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/23323232corp
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/23323232agram/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/canada-post?trk=company_name
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/postes23323232
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/pages/support/default.page
Title: Need help?

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/pages/support/default.page#panel2-3
Title: Contact us

Search URL Search Domain Scan URL

URL: https://infopost.ca/
Title: I'm an employee

Search URL Search Domain Scan URL

URL: https://mysite.23323232.ca/saml2/idp/sso?saml2sp=https%3A%2F%2Fwww.successfactors.com%2FS000016952T1&RelayState=%2Fsf%2Fhome
Title: Talent Zone

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/blogs/business
Title: Business Matters

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/blogs/personal
Title: Canada Post Magazine

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/kb/details.page?article=legal_terms_of_use&cattype=kb&cat=generalinquiries&subcat=generalinformation
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.canada.ca/

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/tools/pg/default-e.asp
Title: All postal guides

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://postaloffice38.click/ HTTP 302
https://aqualiayods6.com/CA/?CA=OKBB HTTP 302
https://aqualiayods6.com/CA/TRACKING HTTP 301
https://aqualiayods6.com/CA/TRACKING/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://9852050.fls.doubleclick.net/activityi;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal HTTP 302
https://9852050.fls.doubleclick.net/activityi;dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Request Chain 26

https://adservice.google.de/ddm/fls/i/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal HTTP 302
https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Request Chain 28

https://www.canadapost.ca/cpc/assets/cpc/img/icons/search.svg HTTP 301
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg

Request Chain 29

https://www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg HTTP 301
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg

Request Chain 31

https://www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg HTTP 301
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg

Request Chain 32

https://www.canadapost.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg HTTP 301
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg

Request Chain 38

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674834224/?random=458375157&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMXL8OjeofoCFZShmgodVpcFmg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KtcoY-SiCZbImLAP65-piAQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/674834224/?random=458375157&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMXL8OjeofoCFZShmgodVpcFmg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KtcoY-SiCZbImLAP65-piAQ&cid=CAQSKQCsnQUxhmHastpNptBYNayrJhKganAk5qLd_q9kZoyGzjfXJzsqe1cH&random=3502107907&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/674834224/?random=458375157&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMXL8OjeofoCFZShmgodVpcFmg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KtcoY-SiCZbImLAP65-piAQ&cid=CAQSKQCsnQUxhmHastpNptBYNayrJhKganAk5qLd_q9kZoyGzjfXJzsqe1cH&random=3502107907&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 44

https://9852050.fls.doubleclick.net/activityi;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal HTTP 302
https://9852050.fls.doubleclick.net/activityi;dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Request Chain 52

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674834224/?random=1754597948&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIyaouneofoCFQHgGAodmm4EZA%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal%3F&ref=https%3A%2F%2Faqualiayods6.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KtcoY-mLG_TMmweK4bDQCw&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-conversion/674834224/?random=1754597948&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIyaouneofoCFQHgGAodmm4EZA%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal%3F&ref=https%3A%2F%2Faqualiayods6.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=KtcoY-mLG_TMmweK4bDQCw&cid=CAQSKQCsnQUxE4bbTj5kHyeQhdEbaBvgBYuIjpzpd55L5TkNOF8Xvsyvqtaq&random=2540354309&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/674834224/?random=1754597948&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIyaouneofoCFQHgGAodmm4EZA%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal%3F&ref=https%3A%2F%2Faqualiayods6.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=KtcoY-mLG_TMmweK4bDQCw&cid=CAQSKQCsnQUxE4bbTj5kHyeQhdEbaBvgBYuIjpzpd55L5TkNOF8Xvsyvqtaq&random=2540354309&resp=GooglemKTybQhCsO&ipr=y&prhg=0

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
aqualiayods6.com/CA/TRACKING/
Redirect Chain

https://postaloffice38.click/
https://aqualiayods6.com/CA/?CA=OKBB
https://aqualiayods6.com/CA/TRACKING
https://aqualiayods6.com/CA/TRACKING/

153 KB
153 KB

1188ms
1188ms

Document
text/html

62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PHP/7.3.19 PleskLin
Resource Hash: e8c86b3909b7b5d6286ce6805e64cb106bb6138646fe2498f056b5db76748c51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Sep 2022 20:53:52 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.3.19 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 312
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 19 Sep 2022 20:53:50 GMT
Location: https://aqualiayods6.com/CA/TRACKING/
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK foundation.css
aqualiayods6.com/CA/TRACKING/css/ 205 KB
206 KB 651ms
486ms Stylesheet
text/css 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://aqualiayods6.com/CA/TRACKING/css/foundation.css?version=2104.04.2427
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: 216da4960223c3fcc55a0fa7942b8c3ef1d21b7fb2143e7ec5e6cd32c13aa13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:52 GMT
Last-Modified: Thu, 03 Jun 2021 19:04:36 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60b927c4-33543"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210243

GET
H/1.1 200
OK cwc.css
aqualiayods6.com/CA/TRACKING/css/ 191 KB
192 KB 601ms
437ms Stylesheet
text/css 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://aqualiayods6.com/CA/TRACKING/css/cwc.css
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: a61def1cd61dedd0cccbcefcf32bf6e718434265d41fe7a16ab367fed074e57b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:52 GMT
Last-Modified: Thu, 03 Jun 2021 19:04:34 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60b927c2-2fdaf"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 196015

GET
H/1.1 200
OK styles.css
aqualiayods6.com/CA/TRACKING/css/ 32 KB
32 KB 624ms
448ms Stylesheet
text/css 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://aqualiayods6.com/CA/TRACKING/css/styles.css?version=2104.04.2427
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: 3282572fde87063e4842f0d7399f0af21c1daee8ddae0a82f6cb7b53b484932e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:52 GMT
Last-Modified: Wed, 19 Jan 2022 20:13:52 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "61e87100-7e58"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32344

GET
H/1.1 200
OK logo.svg
aqualiayods6.com/CA/TRACKING/img/ 12 KB
12 KB 662ms
288ms Image
image/svg+xml 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aqualiayods6.com/CA/TRACKING/img/logo.svg
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:52 GMT
Last-Modified: Thu, 03 Jun 2021 19:04:36 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60b927c4-3037"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12343

GET
H/1.1 200
OK logo.png
aqualiayods6.com/CA/TRACKING/img/ 18 KB
18 KB 810ms
379ms Image
image/png 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aqualiayods6.com/CA/TRACKING/img/logo.png
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: 87455028a326735882cbfe69b67ac225493263627e4118743f63730619dffcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:52 GMT
Last-Modified: Wed, 19 Jan 2022 20:00:46 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "61e86dee-47d5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18389

GET search.svg
www.23323232.ca/cpc/assets/cpc/img/icons/ 0
0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 85F6 43 KB
23 KB 122ms
44ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

32e3380de9eaf3b1ceb955bcbb241cfbdbb9af685720cc6b03aa56b882892390

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T0ZbQjWbCEd3HrpgnoR78Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aqualiayods6.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23120
content-security-policy: script-src 'report-sample' 'nonce-T0ZbQjWbCEd3HrpgnoR78Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 85F6 0
0 203ms
154ms Stylesheet
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 85F6 0
0 110ms
62ms Script
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H/1.1 200
OK downlogo.svg
aqualiayods6.com/CA/TRACKING/img/ 14 KB
14 KB 198ms
198ms Image
image/svg+xml 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aqualiayods6.com/CA/TRACKING/img/downlogo.svg
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: 6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:53 GMT
Last-Modified: Thu, 03 Jun 2021 19:04:36 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60b927c4-37b3"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14259

GET gov-canada-logo.svg
www.23323232.ca/cpc/assets/cpc/img/logos/ 0
0

GET SV_71iOFlig0vNugpn
evaluation.23323232-postescanada.ca/jfe/form/ Frame 0EAE 0
0

GET
H3

200

activityi;dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BRef... Show response
9852050.fls.doubleclick.net/ Frame 8ADC
Redirect Chain

https://9852050.fls.doubleclick.net/activityi;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BR...
https://9852050.fls.doubleclick.net/activityi;dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BP...

646 B
504 B

107ms
58ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9852050.fls.doubleclick.net/activityi;dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

a54419e8069a646dbe9626444e02a32b7daa18555bc12e49e6ba9fbfdbe36488

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aqualiayods6.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 479
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9852050.fls.doubleclick.net/activityi;dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
aqualiayods6.com/CA/TRACKING/ Frame 315A 153 KB
153 KB 176ms
176ms Document
text/html 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://aqualiayods6.com/CA/TRACKING/
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PHP/7.3.19 PleskLin
Resource Hash: e8c86b3909b7b5d6286ce6805e64cb106bb6138646fe2498f056b5db76748c51

Request headers

Referer: https://aqualiayods6.com/CA/TRACKING/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Sep 2022 20:53:53 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.3.19 PleskLin

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 7D59 7 KB
1 KB 34ms
33ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1cfd1a943b6799dd6cb33cacc124b6e084eb7720c25ce73bf0c2e9f8c56fda11

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Nq_z-GTMuFuJBcJwjZNYvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aqualiayods6.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1119
content-security-policy: script-src 'report-sample' 'nonce-Nq_z-GTMuFuJBcJwjZNYvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET gov-canada-logo.svg
www.23323232.ca/cpc/assets/cpc/img/logos/ 0
0

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 7D59 0
0 97ms
96ms Stylesheet
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 7D59 0
0 136ms
135ms Script
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H/1.1 200
OK foundation.css
aqualiayods6.com/CA/TRACKING/css/ Frame 315A 205 KB
206 KB 225ms
224ms Stylesheet
text/css 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://aqualiayods6.com/CA/TRACKING/css/foundation.css?version=2104.04.2427
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: 216da4960223c3fcc55a0fa7942b8c3ef1d21b7fb2143e7ec5e6cd32c13aa13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:53 GMT
Last-Modified: Thu, 03 Jun 2021 19:04:36 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60b927c4-33543"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210243

GET
H/1.1 200
OK cwc.css
aqualiayods6.com/CA/TRACKING/css/ Frame 315A 191 KB
192 KB 276ms
274ms Stylesheet
text/css 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://aqualiayods6.com/CA/TRACKING/css/cwc.css
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: a61def1cd61dedd0cccbcefcf32bf6e718434265d41fe7a16ab367fed074e57b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:53 GMT
Last-Modified: Thu, 03 Jun 2021 19:04:34 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60b927c2-2fdaf"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 196015

GET
H/1.1 200
OK styles.css
aqualiayods6.com/CA/TRACKING/css/ Frame 315A 32 KB
32 KB 198ms
198ms Stylesheet
text/css 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://aqualiayods6.com/CA/TRACKING/css/styles.css?version=2104.04.2427
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: 3282572fde87063e4842f0d7399f0af21c1daee8ddae0a82f6cb7b53b484932e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:53 GMT
Last-Modified: Wed, 19 Jan 2022 20:13:52 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "61e87100-7e58"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32344

GET
H/1.1 200
OK logo.svg
aqualiayods6.com/CA/TRACKING/img/ Frame 315A 12 KB
12 KB 182ms
72ms Image
image/svg+xml 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aqualiayods6.com/CA/TRACKING/img/logo.svg
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:53 GMT
Last-Modified: Thu, 03 Jun 2021 19:04:36 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60b927c4-3037"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12343

GET
H2 200 dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u... Show response
adservice.google.com/ddm/fls/i/ Frame D736 645 B
947 B 111ms
59ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Requested by

Host: 9852050.fls.doubleclick.net
URL: https://9852050.fls.doubleclick.net/activityi;dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53ed517227732e71a7ef9a6b8263c5c8742b96efc214c7893b1ea2577f54a79d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9852050.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 478
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK logo.png
aqualiayods6.com/CA/TRACKING/img/ Frame 315A 18 KB
18 KB 169ms
77ms Image
image/png 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aqualiayods6.com/CA/TRACKING/img/logo.png
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: 87455028a326735882cbfe69b67ac225493263627e4118743f63730619dffcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:53 GMT
Last-Modified: Wed, 19 Jan 2022 20:00:46 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "61e86dee-47d5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18389

GET search.svg
www.23323232.ca/cpc/assets/cpc/img/icons/ Frame 315A 0
0

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/css/cwc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 19:11:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 20:55:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 20:55:05 GMT

GET
H3

200

dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u... Show response
9852050.fls.doubleclick.net/ddm/fls/r/ Frame F575
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Na...
https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BP...

851 B
527 B

58ms
57ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

6042ad8c3bdcc3ab368872b5df39419ea249d06ff935990cd5d84e0318d3f091

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:05 GMT
expires: Mon, 19 Sep 2022 20:55:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame F575 45 KB
18 KB 155ms
93ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9852050.fls.doubleclick.net
URL: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CMXL8OjeofoCFZShmgodVpcFmg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d7abb302c9c1e55633395bf3b82b4bed7d63804223437d9879fff049895ec72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17403
x-xss-protection: 0
server: cafe
etag: 17680024240845530123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 20:55:06 GMT

GET
H/1.1

200
OK

search.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/
Redirect Chain

https://www.canadapost.ca/cpc/assets/cpc/img/icons/search.svg
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg

320 B
4 KB

644ms
474ms

Image
image/svg+xml

2a02:26f0:10e:3bc::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/css/cwc.css

Protocol

HTTP/1.1

Server

2a02:26f0:10e:3bc::1dc5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 218
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
x-frame-options: SAMEORIGIN
Date: Mon, 19 Sep 2022 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
ETag: "5a78a621-140"
Accept-Ranges: bytes
Expires: Mon, 25 Jul 2022 11:26:30 GMT

Redirect headers

Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
Date: Mon, 19 Sep 2022 20:55:06 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=31536000; includeSubdomains; preload

GET
H/1.1

200
OK

alert.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/
Redirect Chain

https://www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg

1007 B
4 KB

679ms
521ms

Image
image/svg+xml

2a02:26f0:10e:3bc::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/css/cwc.css

Protocol

HTTP/1.1

Server

2a02:26f0:10e:3bc::1dc5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e62e54914dbabecaaaa6b6ba4b605ec384be240d485555452e7e094a3c5d9b7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 455
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Jan 2018 16:25:10 GMT
x-frame-options: SAMEORIGIN
Date: Mon, 19 Sep 2022 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
ETag: "5a6b5666-3ef"
Accept-Ranges: bytes
Expires: Sat, 17 Sep 2022 10:41:04 GMT

Redirect headers

Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
Date: Mon, 19 Sep 2022 20:55:06 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=31536000; includeSubdomains; preload

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 98ms
50ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aqualiayods6.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 32869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 11:47:17 GMT

GET
H/1.1

200
OK

cancel.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/
Redirect Chain

https://www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg

817 B
4 KB

665ms
496ms

Image
image/svg+xml

2a02:26f0:10e:3bc::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/css/cwc.css

Protocol

HTTP/1.1

Server

2a02:26f0:10e:3bc::1dc5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8608c8e2dcc2a14b5b21503077bf54d62a215a013a4eb7b80b09099d201a445e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 377
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Jan 2018 16:25:10 GMT
x-frame-options: SAMEORIGIN
Date: Mon, 19 Sep 2022 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
ETag: "5a6b5666-331"
Accept-Ranges: bytes
Expires: Sat, 17 Sep 2022 16:40:42 GMT

Redirect headers

Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
Date: Mon, 19 Sep 2022 20:55:06 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=31536000; includeSubdomains; preload

GET
H/1.1

200
OK

feedback.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/
Redirect Chain

https://www.canadapost.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg

724 B
1 KB

241ms
73ms

Image
image/svg+xml

2a02:26f0:10e:3bc::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/css/cwc.css

Protocol

HTTP/1.1

Server

2a02:26f0:10e:3bc::1dc5 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 382
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
x-frame-options: SAMEORIGIN
Date: Mon, 19 Sep 2022 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
ETag: "5a78a638-2d4"
Accept-Ranges: bytes
Expires: Mon, 06 Jun 2022 13:09:32 GMT

Redirect headers

Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
Date: Mon, 19 Sep 2022 20:55:06 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=31536000; includeSubdomains; preload

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 63ms
22ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aqualiayods6.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 391995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 08:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 79ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aqualiayods6.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 434681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 20:10:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 61ms
28ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aqualiayods6.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:04:26 GMT
x-content-type-options: nosniff
age: 93040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 19:04:26 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/674834224/ Frame F575 2 KB
1 KB 80ms
34ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/674834224/?random=1663620906088&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMXL8OjeofoCFZShmgodVpcFmg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d50df3692382a422178e0b35d53c5440c0879bcc867f6b386ce76b7686665004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 20:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7110 43 KB
22 KB 49ms
48ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dca0c7fd0c33bf7db9ab2858bd6406abc5494313217be29b605f45d5821dafce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-THiFJ8quqpeTL61hgEzJ5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aqualiayods6.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22739
content-security-policy: script-src 'report-sample' 'nonce-THiFJ8quqpeTL61hgEzJ5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

/
www.google.de/pagead/1p-conversion/674834224/ Frame F575
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674834224/?random=458375157&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/674834224/?random=458375157&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u...
https://www.google.de/pagead/1p-conversion/674834224/?random=458375157&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_...

42 B
548 B

96ms
42ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/674834224/?random=458375157&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMXL8OjeofoCFZShmgodVpcFmg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KtcoY-SiCZbImLAP65-piAQ&cid=CAQSKQCsnQUxhmHastpNptBYNayrJhKganAk5qLd_q9kZoyGzjfXJzsqe1cH&random=3502107907&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 20:55:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 20:55:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/674834224/?random=458375157&cv=9&fst=1663620906088&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMXL8OjeofoCFZShmgodVpcFmg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=KtcoY-SiCZbImLAP65-piAQ&cid=CAQSKQCsnQUxhmHastpNptBYNayrJhKganAk5qLd_q9kZoyGzjfXJzsqe1cH&random=3502107907&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 7110 0
0 63ms
62ms Stylesheet
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 7110 0
0 37ms
36ms Script
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H/1.1 200
OK downlogo.svg
aqualiayods6.com/CA/TRACKING/img/ Frame 315A 14 KB
14 KB 133ms
132ms Image
image/svg+xml 62.97.80.27
COLT COLT Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aqualiayods6.com/CA/TRACKING/img/downlogo.svg
Requested by: Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 62.97.80.27 Madrid, Spain, ASN8220 (COLT COLT Technology Services Group Limited, GB),
Reverse DNS: plesk17.cloudimagar.com
Software: nginx / PleskLin
Resource Hash: 6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/CA/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 20:53:54 GMT
Last-Modified: Thu, 03 Jun 2021 19:04:36 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "60b927c4-37b3"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14259

GET gov-canada-logo.svg
www.23323232.ca/cpc/assets/cpc/img/logos/ Frame 315A 0
0

GET SV_71iOFlig0vNugpn
evaluation.23323232-postescanada.ca/jfe/form/ Frame 50A0 0
0

GET
H3

200

activityi;dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BRef... Show response
9852050.fls.doubleclick.net/ Frame 47EF
Redirect Chain

https://9852050.fls.doubleclick.net/activityi;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BR...
https://9852050.fls.doubleclick.net/activityi;dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BP...

1 KB
756 B

64ms
63ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9852050.fls.doubleclick.net/activityi;dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

dcf9eaf8c9caae5d9e14456186b00b41b9a00308ddb7c7841452cb1ee208dd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aqualiayods6.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 733
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:06 GMT
expires: Mon, 19 Sep 2022 20:55:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9852050.fls.doubleclick.net/activityi;dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 01B4 7 KB
1 KB 34ms
33ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f9ef62937d61e26b814140bdea2333e56b29ee1893618b42e80c4c607cf38afe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-masVp2fKJMkPt0Kc4PyVeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aqualiayods6.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-masVp2fKJMkPt0Kc4PyVeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 20:55:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET gov-canada-logo.svg
www.23323232.ca/cpc/assets/cpc/img/logos/ Frame 315A 0
0

GET
H3 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 01B4 0
0 62ms
61ms Stylesheet
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 01B4 0
0 59ms
59ms Script
text/html 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 47EF 45 KB
17 KB 61ms
60ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9852050.fls.doubleclick.net
URL: https://9852050.fls.doubleclick.net/activityi;dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d7abb302c9c1e55633395bf3b82b4bed7d63804223437d9879fff049895ec72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17403
x-xss-protection: 0
server: cafe
etag: 17680024240845530123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 20:55:06 GMT

GET
H3 200 dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=*;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=...
adservice.google.com/ddm/fls/z/ Frame 47EF 42 B
63 B 99ms
57ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIyaouneofoCFQHgGAodmm4EZA;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=*;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 20:55:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/674834224/ Frame 47EF 2 KB
1 KB 35ms
35ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/674834224/?random=1663620906428&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIyaouneofoCFQHgGAodmm4EZA%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal%3F&ref=https%3A%2F%2Faqualiayods6.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

896d319e491e484d7c938286c2b3e84b5bb353d113c3fc4bd2116a872af0e90f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 20:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/674834224/ Frame 47EF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674834224/?random=1754597948&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/674834224/?random=1754597948&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&...
https://www.google.de/pagead/1p-conversion/674834224/?random=1754597948&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...

42 B
64 B

84ms
37ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/674834224/?random=1754597948&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIyaouneofoCFQHgGAodmm4EZA%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal%3F&ref=https%3A%2F%2Faqualiayods6.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=KtcoY-mLG_TMmweK4bDQCw&cid=CAQSKQCsnQUxE4bbTj5kHyeQhdEbaBvgBYuIjpzpd55L5TkNOF8Xvsyvqtaq&random=2540354309&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 20:55:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 20:55:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/674834224/?random=1754597948&cv=9&fst=1663620906428&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCIyaouneofoCFQHgGAodmm4EZA%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal%3F&ref=https%3A%2F%2Faqualiayods6.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=KtcoY-mLG_TMmweK4bDQCw&cid=CAQSKQCsnQUxE4bbTj5kHyeQhdEbaBvgBYuIjpzpd55L5TkNOF8Xvsyvqtaq&random=2540354309&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 315A 8 KB
716 B 74ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: aqualiayods6.com
URL: https://aqualiayods6.com/CA/TRACKING/css/cwc.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aqualiayods6.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 19:24:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 20:55:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 20:55:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/icons/search.svg

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg

Domain: evaluation.23323232-postescanada.ca
URL: https://evaluation.23323232-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Page=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&Q_lang=EN&Q_CanScreenCapture=1

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/icons/search.svg

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg

Domain: evaluation.23323232-postescanada.ca
URL: https://evaluation.23323232-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Page=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&Q_lang=EN&Q_CanScreenCapture=1

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canada Post (Transportation)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			aqualiayods6.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: uudb4pr50k7933tcqj25u0fk3h
			.doubleclick.net/	1970-01-20 15:28:36	Name: IDE Value: AHWqTUnVrATrWlaaGF8CddNkf44QgZj2rsrSoe53hgIhPSymZyHBK8Fy5fAsatdxqD0

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/icons/search.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/icons/search.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9852050.fls.doubleclick.net
adservice.google.com
adservice.google.de
aqualiayods6.com
evaluation.23323232-postescanada.ca
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
postaloffice38.click
www.23323232.ca
www.canadapost-postescanada.ca
www.canadapost.ca
www.google.com
www.google.de
www.googleadservices.com
www.gstatic.com
evaluation.23323232-postescanada.ca
www.23323232.ca
142.250.184.226
142.250.184.230
186.202.161.20
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:831::2004
2a02:26f0:10e:3bc::1dc5
62.97.80.27
1cfd1a943b6799dd6cb33cacc124b6e084eb7720c25ce73bf0c2e9f8c56fda11
216da4960223c3fcc55a0fa7942b8c3ef1d21b7fb2143e7ec5e6cd32c13aa13f
3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113
3282572fde87063e4842f0d7399f0af21c1daee8ddae0a82f6cb7b53b484932e
32e3380de9eaf3b1ceb955bcbb241cfbdbb9af685720cc6b03aa56b882892390
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
53ed517227732e71a7ef9a6b8263c5c8742b96efc214c7893b1ea2577f54a79d
6042ad8c3bdcc3ab368872b5df39419ea249d06ff935990cd5d84e0318d3f091
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3
8608c8e2dcc2a14b5b21503077bf54d62a215a013a4eb7b80b09099d201a445e
87455028a326735882cbfe69b67ac225493263627e4118743f63730619dffcbb
896d319e491e484d7c938286c2b3e84b5bb353d113c3fc4bd2116a872af0e90f
a54419e8069a646dbe9626444e02a32b7daa18555bc12e49e6ba9fbfdbe36488
a61def1cd61dedd0cccbcefcf32bf6e718434265d41fe7a16ab367fed074e57b
acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
d50df3692382a422178e0b35d53c5440c0879bcc867f6b386ce76b7686665004
d7abb302c9c1e55633395bf3b82b4bed7d63804223437d9879fff049895ec72d
dca0c7fd0c33bf7db9ab2858bd6406abc5494313217be29b605f45d5821dafce
dcf9eaf8c9caae5d9e14456186b00b41b9a00308ddb7c7841452cb1ee208dd3f
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87
e62e54914dbabecaaaa6b6ba4b605ec384be240d485555452e7e094a3c5d9b7c
e8c86b3909b7b5d6286ce6805e64cb106bb6138646fe2498f056b5db76748c51
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9ef62937d61e26b814140bdea2333e56b29ee1893618b42e80c4c607cf38afe

aqualiayods6.com Open in urlscan Pro 62.97.80.27 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

75 %HTTPS

69 %IPv6

12 Domains

16 Subdomains

11 IPs

5 Countries

1413 kBTransfer

1521 kBSize

2 Cookies

40 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

aqualiayods6.com Open in urlscan Pro
62.97.80.27 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

75 %
HTTPS

69 %
IPv6

12
Domains

16
Subdomains

11
IPs

5
Countries

1413 kB
Transfer

1521 kB
Size

2
Cookies

55 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!