ca49635.click Open in urlscan Pro
82.223.110.57 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ca49635.click/e/TRACKING/
Submission: On April 28 via api (April 28th 2023, 6:06:53 am UTC) from DE — Scanned from ES

Summary HTTP 53 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 53 HTTP transactions. The main IP is 82.223.110.57, located in Spain and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is ca49635.click.
TLS certificate: Issued by R3 on April 26th 2023. Valid for: 3 months.

This is the only time ca49635.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canada Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
14	82.223.110.57 82.223.110.57	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2 6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2 6	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4 4	2a02:26f0:480... 2a02:26f0:480:38d::1dc5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:480... 2a02:26f0:480:39d::1dc5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
53	11

14 82.223.110.57 (Spain)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

ca49635.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

9852050.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:38d::1dc5 (Frankfurt am Main, Germany) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.canadapost.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:39d::1dc5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.canadapost-postescanada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ca49635.click ca49635.click	200 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
8	doubleclick.net 4 redirects 9852050.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	5 KB
8	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	61 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 187	39 KB
4	google.es 2 redirects adservice.google.es — Cisco Umbrella Rank: 77404 www.google.es — Cisco Umbrella Rank: 15884	1 KB
4	canadapost-postescanada.ca www.canadapost-postescanada.ca — Cisco Umbrella Rank: 57682	13 KB
4	canadapost.ca 4 redirects www.canadapost.ca — Cisco Umbrella Rank: 61802	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
0	23323232-postescanada.ca Failed evaluation.23323232-postescanada.ca Failed
0	23323232.ca Failed www.23323232.ca Failed
53	11

	Domain	Requested by
14	ca49635.click	ca49635.click
8	www.gstatic.com	www.google.com
6	9852050.fls.doubleclick.net	2 redirects ca49635.click adservice.google.com
6	www.google.com	2 redirects ca49635.click
4	www.googleadservices.com	9852050.fls.doubleclick.net www.googleadservices.com
4	www.canadapost-postescanada.ca	ca49635.click
4	www.canadapost.ca	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
2	www.google.es	9852050.fls.doubleclick.net
2	googleads.g.doubleclick.net	2 redirects
2	adservice.google.es	2 redirects
2	adservice.google.com	9852050.fls.doubleclick.net
2	fonts.googleapis.com	ca49635.click
0	evaluation.23323232-postescanada.ca Failed	ca49635.click
0	www.23323232.ca Failed	ca49635.click
53	15

This site contains links to these domains. Also see Links.

Domain
www.23323232.ca
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
infopost.ca
mysite.23323232.ca
www.canada.ca

Subject Issuer	Validity	Valid
ca49635.click R3	`2023-04-26` - `2023-07-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://ca49635.click/e/TRACKING/
Frame ID: 9BF53B05E7B804BE407E2E092DC23927
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Frame ID: 0245F7A9D7605BC2239775D4CD375A81
Requests: 3 HTTP requests in this frame

Frame: https://evaluation.23323232-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Page=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&Q_lang=EN&Q_CanScreenCapture=1
Frame ID: 465F92AAEBC34878A14C37629F730472
Requests: 1 HTTP requests in this frame

Frame: https://9852050.fls.doubleclick.net/activityi;dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: 43683EFDBE1A859755ABFF6A0C8434E1
Requests: 1 HTTP requests in this frame

Frame: https://ca49635.click/e/TRACKING/
Frame ID: ACC854192E7F6A7521E698C67BEED0AA
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Frame ID: 1D31F5BE15B3FC4CEDCFEC83CE7E8DDC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Frame ID: E86C4428A8F5E80895AD5476A0AA9B28
Requests: 3 HTTP requests in this frame

Frame: https://evaluation.23323232-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Page=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&Q_lang=EN&Q_CanScreenCapture=1
Frame ID: 6D838CAAEBF340812BA8F839991DA88A
Requests: 1 HTTP requests in this frame

Frame: https://9852050.fls.doubleclick.net/activityi;dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: 5D6A476B12614EBBE5700283538AC4A8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Frame ID: D949EE775B5621678E54F8397B9C41F7
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: 89FFC18DBE163279BC6640CDA8B7617E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: 27EBDA73535A68F254655346C72DF309
Requests: 1 HTTP requests in this frame

Frame: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: 9DBA65B2BB3D342E2048042C604EA84E
Requests: 4 HTTP requests in this frame

Frame: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
Frame ID: FB98A9673B5825A661FE9FBFEEE6648B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

InformationFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTube

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Page Statistics

53
Requests

79 %
HTTPS

75 %
IPv6

11
Domains

15
Subdomains

11
IPs

3
Countries

371 kB
Transfer

1346 kB
Size

2
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.23323232.ca/dash-tableau/en
Title: My account

Search URL Search Domain Scan URL

URL: https://www.facebook.com/23323232
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/23323232corp
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/23323232agram/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/canada-post?trk=company_name
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/postes23323232
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/pages/support/default.page
Title: Need help?

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/pages/support/default.page#panel2-3
Title: Contact us

Search URL Search Domain Scan URL

URL: https://infopost.ca/
Title: I'm an employee

Search URL Search Domain Scan URL

URL: https://mysite.23323232.ca/saml2/idp/sso?saml2sp=https%3A%2F%2Fwww.successfactors.com%2FS000016952T1&RelayState=%2Fsf%2Fhome
Title: Talent Zone

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/blogs/business
Title: Business Matters

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/blogs/personal
Title: Canada Post Magazine

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/web/en/kb/details.page?article=legal_terms_of_use&cattype=kb&cat=generalinquiries&subcat=generalinformation
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.canada.ca/

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/info/mc/personal/postalcode/fpc.jsf
Title: Look up a postal code

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/track-reperage/en
Title: Track

Search URL Search Domain Scan URL

URL: https://www.23323232.ca/tools/pg/default-e.asp
Title: All postal guides

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://9852050.fls.doubleclick.net/activityi;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal HTTP 302
https://9852050.fls.doubleclick.net/activityi;dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Request Chain 22

https://9852050.fls.doubleclick.net/activityi;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal HTTP 302
https://9852050.fls.doubleclick.net/activityi;dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Request Chain 33

https://www.canadapost.ca/cpc/assets/cpc/img/icons/search.svg HTTP 301
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg

Request Chain 34

https://www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg HTTP 301
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg

Request Chain 36

https://www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg HTTP 301
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg

Request Chain 37

https://www.canadapost.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg HTTP 301
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg

Request Chain 44

https://adservice.google.es/ddm/fls/i/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal HTTP 302
https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Request Chain 45

https://adservice.google.es/ddm/fls/i/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal HTTP 302
https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Request Chain 50

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674834224/?random=1939782570&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIX5rrr0y_4CFQyesgodFCMOtw%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eWJLZMGmHtHQ7_UP29ySiAQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/674834224/?random=1939782570&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIX5rrr0y_4CFQyesgodFCMOtw%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eWJLZMGmHtHQ7_UP29ySiAQ&cid=CAQSKQBygQiDovZ7GO22Jr6pIZKjbVUvqLCcSBLOlYP8n5_BqGjZKRroyEBe&random=344728749&resp=GooglemKTybQhCsO HTTP 302
https://www.google.es/pagead/1p-conversion/674834224/?random=1939782570&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIX5rrr0y_4CFQyesgodFCMOtw%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eWJLZMGmHtHQ7_UP29ySiAQ&cid=CAQSKQBygQiDovZ7GO22Jr6pIZKjbVUvqLCcSBLOlYP8n5_BqGjZKRroyEBe&random=344728749&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 51

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674834224/?random=1402107817&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPf4rrr0y_4CFZuGsgodCFEOxg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=eWJLZJzWIOG-9u8P3J26-Ao&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/674834224/?random=1402107817&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPf4rrr0y_4CFZuGsgodCFEOxg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eWJLZJzWIOG-9u8P3J26-Ao&cid=CAQSKQBygQiD2o5_WF2BiortmLUS-gkHVmf2-6bLbtCpMyqgTFD12n1b1oEg&random=2998505217&resp=GooglemKTybQhCsO HTTP 302
https://www.google.es/pagead/1p-conversion/674834224/?random=1402107817&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPf4rrr0y_4CFZuGsgodCFEOxg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eWJLZJzWIOG-9u8P3J26-Ao&cid=CAQSKQBygQiD2o5_WF2BiortmLUS-gkHVmf2-6bLbtCpMyqgTFD12n1b1oEg&random=2998505217&resp=GooglemKTybQhCsO&ipr=y&prhg=0

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ca49635.click/e/TRACKING/ 52 KB
12 KB 175ms
75ms Document
text/html 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 184c2793c50d17ac0c802520d61225648885b5bf175ddc0fa0af7b0a1b5a86a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 11635
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33 PleskLin

GET
H2 200 foundation.css
ca49635.click/e/TRACKING/css/ 205 KB
20 KB 60ms
59ms Stylesheet
text/css 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ca49635.click/e/TRACKING/css/foundation.css?version=2104.04.2427
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 216da4960223c3fcc55a0fa7942b8c3ef1d21b7fb2143e7ec5e6cd32c13aa13f

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
content-encoding: br
last-modified: Thu, 03 Jun 2021 20:04:36 GMT
server: nginx
etag: W/"60b935d4-33543"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 cwc.css
ca49635.click/e/TRACKING/css/ 191 KB
18 KB 97ms
96ms Stylesheet
text/css 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ca49635.click/e/TRACKING/css/cwc.css
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a61def1cd61dedd0cccbcefcf32bf6e718434265d41fe7a16ab367fed074e57b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
content-encoding: br
last-modified: Thu, 03 Jun 2021 20:04:34 GMT
server: nginx
etag: W/"60b935d2-2fdaf"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 styles.css
ca49635.click/e/TRACKING/css/ 32 KB
6 KB 52ms
52ms Stylesheet
text/css 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ca49635.click/e/TRACKING/css/styles.css?version=2104.04.2427
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3282572fde87063e4842f0d7399f0af21c1daee8ddae0a82f6cb7b53b484932e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
content-encoding: br
last-modified: Wed, 19 Jan 2022 21:13:52 GMT
server: nginx
etag: W/"61e87f10-7e58"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 logo.svg
ca49635.click/e/TRACKING/img/ 12 KB
12 KB 75ms
75ms Image
image/svg+xml 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca49635.click/e/TRACKING/img/logo.svg
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
last-modified: Thu, 03 Jun 2021 20:04:36 GMT
server: nginx
etag: "60b935d4-3037"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 12343

GET
H2 200 logo.png
ca49635.click/e/TRACKING/img/ 18 KB
18 KB 76ms
75ms Image
image/png 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca49635.click/e/TRACKING/img/logo.png
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 87455028a326735882cbfe69b67ac225493263627e4118743f63730619dffcbb

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
last-modified: Wed, 19 Jan 2022 21:00:46 GMT
server: nginx
etag: "61e87bfe-47d5"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 18389

GET
H2 200 downlogo.svg
ca49635.click/e/TRACKING/img/ 14 KB
14 KB 105ms
105ms Image
image/svg+xml 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca49635.click/e/TRACKING/img/downlogo.svg
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
last-modified: Thu, 03 Jun 2021 20:04:36 GMT
server: nginx
etag: "60b935d4-37b3"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 14259

GET gov-canada-logo.svg
www.23323232.ca/cpc/assets/cpc/img/logos/ 0
0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0245 50 KB
28 KB 226ms
104ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39342ff6661a6c9b0ee66d968bc21ddecc75f752b5112d0835c6d447c48da5b3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DQy_AfuxtBv88E2DVlgHsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ca49635.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27939
content-security-policy: script-src 'report-sample' 'nonce-DQy_AfuxtBv88E2DVlgHsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET SV_71iOFlig0vNugpn
evaluation.23323232-postescanada.ca/jfe/form/ Frame 465F 0
0

GET
H2

200

activityi;dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BRef... Show response
9852050.fls.doubleclick.net/ Frame 4368
Redirect Chain

https://9852050.fls.doubleclick.net/activityi;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BR...
https://9852050.fls.doubleclick.net/activityi;dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BP...

646 B
531 B

99ms
97ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9852050.fls.doubleclick.net/activityi;dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

c22ce9b3a3e5eaf3d949c2a197872368dca2081323de527311b57c15369b5e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca49635.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9852050.fls.doubleclick.net/activityi;dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ca49635.click/e/TRACKING/ Frame ACC8 52 KB
12 KB 75ms
74ms Document
text/html 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ca49635.click/e/TRACKING/
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 184c2793c50d17ac0c802520d61225648885b5bf175ddc0fa0af7b0a1b5a86a8

Request headers

Referer: https://ca49635.click/e/TRACKING/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 11635
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.33 PleskLin

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1D31 7 KB
2 KB 176ms
86ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

414c504f2859b21de9702ccfa94241874e990ab2164dab3f15da79a2fe3c7033

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uphGgI_sa_socDdMCwcEJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ca49635.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1145
content-security-policy: script-src 'report-sample' 'nonce-uphGgI_sa_socDdMCwcEJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 192ms
69ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/css/cwc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 06:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 05:30:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 06:06:48 GMT

GET
H2 200 foundation.css
ca49635.click/e/TRACKING/css/ Frame ACC8 205 KB
20 KB 61ms
61ms Stylesheet
text/css 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ca49635.click/e/TRACKING/css/foundation.css?version=2104.04.2427
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 216da4960223c3fcc55a0fa7942b8c3ef1d21b7fb2143e7ec5e6cd32c13aa13f

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
content-encoding: br
last-modified: Thu, 03 Jun 2021 20:04:36 GMT
server: nginx
etag: W/"60b935d4-33543"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 cwc.css
ca49635.click/e/TRACKING/css/ Frame ACC8 191 KB
18 KB 67ms
66ms Stylesheet
text/css 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ca49635.click/e/TRACKING/css/cwc.css
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a61def1cd61dedd0cccbcefcf32bf6e718434265d41fe7a16ab367fed074e57b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
content-encoding: br
last-modified: Thu, 03 Jun 2021 20:04:34 GMT
server: nginx
etag: W/"60b935d2-2fdaf"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 styles.css
ca49635.click/e/TRACKING/css/ Frame ACC8 32 KB
6 KB 54ms
54ms Stylesheet
text/css 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ca49635.click/e/TRACKING/css/styles.css?version=2104.04.2427
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3282572fde87063e4842f0d7399f0af21c1daee8ddae0a82f6cb7b53b484932e

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
content-encoding: br
last-modified: Wed, 19 Jan 2022 21:13:52 GMT
server: nginx
etag: W/"61e87f10-7e58"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 logo.svg
ca49635.click/e/TRACKING/img/ Frame ACC8 12 KB
12 KB 60ms
59ms Image
image/svg+xml 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca49635.click/e/TRACKING/img/logo.svg
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
last-modified: Thu, 03 Jun 2021 20:04:36 GMT
server: nginx
etag: "60b935d4-3037"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 12343

GET
H2 200 logo.png
ca49635.click/e/TRACKING/img/ Frame ACC8 18 KB
18 KB 60ms
59ms Image
image/png 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca49635.click/e/TRACKING/img/logo.png
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 87455028a326735882cbfe69b67ac225493263627e4118743f63730619dffcbb

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
last-modified: Wed, 19 Jan 2022 21:00:46 GMT
server: nginx
etag: "61e87bfe-47d5"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 18389

GET
H2 200 downlogo.svg
ca49635.click/e/TRACKING/img/ Frame ACC8 14 KB
14 KB 50ms
49ms Image
image/svg+xml 82.223.110.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ca49635.click/e/TRACKING/img/downlogo.svg
Requested by: Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 82.223.110.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/e/TRACKING/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:48 GMT
last-modified: Thu, 03 Jun 2021 20:04:36 GMT
server: nginx
etag: "60b935d4-37b3"
x-powered-by: PleskLin
content-type: image/svg+xml
accept-ranges: bytes
content-length: 14259

GET gov-canada-logo.svg
www.23323232.ca/cpc/assets/cpc/img/logos/ Frame ACC8 0
0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E86C 50 KB
27 KB 172ms
168ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

34fa6609f94441ff41a0063fd36620f077b2231b25ed2af63b50cab67f62aadc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5kxyixDDMjr2p7tNNuNVLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ca49635.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27649
content-security-policy: script-src 'report-sample' 'nonce-5kxyixDDMjr2p7tNNuNVLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET SV_71iOFlig0vNugpn
evaluation.23323232-postescanada.ca/jfe/form/ Frame 6D83 0
0

GET
H2

200

activityi;dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BRef... Show response
9852050.fls.doubleclick.net/ Frame 5D6A
Redirect Chain

https://9852050.fls.doubleclick.net/activityi;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BR...
https://9852050.fls.doubleclick.net/activityi;dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BP...

646 B
529 B

100ms
98ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9852050.fls.doubleclick.net/activityi;dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ccb5779747a3e1f77431c37182cfa9d968051279d2748e011644c0d31e85f14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ca49635.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9852050.fls.doubleclick.net/activityi;dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D949 7 KB
1 KB 86ms
86ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8dc0e32f565fa87ae14baff1fe4adc70bcccc89ce41c93b7d6b78835bc95635d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q8Xkvyis1OmC4tKiYzO2Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ca49635.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1145
content-security-policy: script-src 'report-sample' 'nonce-q8Xkvyis1OmC4tKiYzO2Gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET gov-canada-logo.svg
www.23323232.ca/cpc/assets/cpc/img/logos/ Frame ACC8 0
0

GET
H2 200 css
fonts.googleapis.com/ Frame ACC8 8 KB
812 B 93ms
78ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/css/cwc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Apr 2023 06:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Apr 2023 05:39:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Apr 2023 06:06:48 GMT

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 1D31 0
0 366ms
237ms Stylesheet
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 1D31 0
0 747ms
619ms Script
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame D949 0
0 1204ms
1086ms Stylesheet
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame D949 0
0 313ms
196ms Script
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&cb=atzvqwustmhr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 0245 0
0 778ms
669ms Stylesheet
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 0245 0
0 855ms
747ms Script
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 189ms
60ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ca49635.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 518193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:10:15 GMT

GET
H/1.1

200
OK

search.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/
Redirect Chain

https://www.canadapost.ca/cpc/assets/cpc/img/icons/search.svg
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg

320 B
983 B

436ms
167ms

Image
image/svg+xml

2a02:26f0:480:39d::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/css/cwc.css

Protocol

HTTP/1.1

Server

2a02:26f0:480:39d::1dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
Date: Fri, 28 Apr 2023 06:06:49 GMT
Content-Encoding: gzip
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Content-Length: 218
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
ETag: "5a78a621-140"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
Expires: Mon, 06 Jun 2022 19:05:20 GMT

Redirect headers

Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
Date: Fri, 28 Apr 2023 06:06:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

alert.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/
Redirect Chain

https://www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg

1007 B
4 KB

426ms
158ms

Image
image/svg+xml

2a02:26f0:480:39d::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/css/cwc.css

Protocol

HTTP/1.1

Server

2a02:26f0:480:39d::1dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e62e54914dbabecaaaa6b6ba4b605ec384be240d485555452e7e094a3c5d9b7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
Date: Fri, 28 Apr 2023 06:06:49 GMT
Content-Encoding: gzip
x-permitted-cross-domain-policies: master-only
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Content-Length: 455
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Jan 2018 16:25:10 GMT
ETag: "5a6b5666-3ef"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
Expires: Tue, 20 Sep 2022 19:43:41 GMT

Redirect headers

Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
Date: Fri, 28 Apr 2023 06:06:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 201ms
74ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ca49635.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:07:20 GMT
x-content-type-options: nosniff
age: 518368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:07:20 GMT

GET
H/1.1

200
OK

cancel.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/
Redirect Chain

https://www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg

817 B
4 KB

712ms
447ms

Image
image/svg+xml

2a02:26f0:480:39d::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/css/cwc.css

Protocol

HTTP/1.1

Server

2a02:26f0:480:39d::1dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8608c8e2dcc2a14b5b21503077bf54d62a215a013a4eb7b80b09099d201a445e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
Date: Fri, 28 Apr 2023 06:06:49 GMT
Content-Encoding: gzip
x-permitted-cross-domain-policies: master-only
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Content-Length: 377
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Jan 2018 16:25:10 GMT
ETag: "5a6b5666-331"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
Expires: Thu, 06 Oct 2022 18:03:27 GMT

Redirect headers

Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
Date: Fri, 28 Apr 2023 06:06:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

feedback.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/
Redirect Chain

https://www.canadapost.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg

724 B
4 KB

426ms
159ms

Image
image/svg+xml

2a02:26f0:480:39d::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg

Requested by

Host: ca49635.click
URL: https://ca49635.click/e/TRACKING/css/cwc.css

Protocol

HTTP/1.1

Server

2a02:26f0:480:39d::1dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://ca49635.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
Date: Fri, 28 Apr 2023 06:06:49 GMT
Content-Encoding: gzip
x-permitted-cross-domain-policies: master-only
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Content-Length: 382
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
ETag: "5a78a638-2d4"
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
Accept-Ranges: bytes
Expires: Mon, 25 Jul 2022 17:33:51 GMT

Redirect headers

Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
Date: Fri, 28 Apr 2023 06:06:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 262ms
142ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ca49635.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 472105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 18:58:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 245ms
127ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ca49635.click
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 22:14:00 GMT
x-content-type-options: nosniff
age: 460368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 22:14:00 GMT

GET
H2 404 styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame E86C 0
0 837ms
800ms Stylesheet
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 404 recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame E86C 0
0 1067ms
1030ms Script
text/html 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5GaEUAAAAAPOr96CP5TcLgJ47q6GMkl4qIbBF&co=aHR0cHM6Ly9zc28tb3N1LmNhbmFkYXBvc3QtcG9zdGVzY2FuYWRhLmNhOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&badge=inline&cb=bduv6gvy4bnn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u... Show response
adservice.google.com/ddm/fls/i/ Frame 89FF 645 B
729 B 221ms
98ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Requested by

Host: 9852050.fls.doubleclick.net
URL: https://9852050.fls.doubleclick.net/activityi;dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2326977eb8049f3fc1811815fcf6e3ba7bebe40b006d9d410467e291181720d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9852050.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u... Show response
adservice.google.com/ddm/fls/i/ Frame 27EB 645 B
427 B 221ms
100ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Requested by

Host: 9852050.fls.doubleclick.net
URL: https://9852050.fls.doubleclick.net/activityi;dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf349c48fe62fe395985d6c8f206d02dcaec8ba8a36ad96902edcd4fdbd3b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9852050.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u... Show response
9852050.fls.doubleclick.net/ddm/fls/r/ Frame 9DBA
Redirect Chain

https://adservice.google.es/ddm/fls/i/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Na...
https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BP...

851 B
356 B

100ms
100ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

6042ad8c3bdcc3ab368872b5df39419ea249d06ff935990cd5d84e0318d3f091

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:49 GMT
expires: Fri, 28 Apr 2023 06:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u... Show response
9852050.fls.doubleclick.net/ddm/fls/r/ Frame FB98
Redirect Chain

https://adservice.google.es/ddm/fls/i/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Na...
https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BP...

851 B
356 B

101ms
99ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

6042ad8c3bdcc3ab368872b5df39419ea249d06ff935990cd5d84e0318d3f091

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:49 GMT
expires: Fri, 28 Apr 2023 06:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Apr 2023 06:06:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame FB98 48 KB
18 KB 259ms
128ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9852050.fls.doubleclick.net
URL: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CIX5rrr0y_4CFQyesgodFCMOtw;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

4372aba02e49d4c17fd18aebec8c3d74cddaaed59a4c9fc81d192c46d6bc9f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18092
x-xss-protection: 0
server: cafe
etag: 712763792371857225
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 06:06:49 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 9DBA 48 KB
18 KB 302ms
177ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9852050.fls.doubleclick.net
URL: https://9852050.fls.doubleclick.net/ddm/fls/r/dc_pre=CPf4rrr0y_4CFZuGsgodCFEOxg;src=9852050;type=optim0;cat=perso0;ord=1374118205095;gtm=2od5q1;auiddc=1944792256.1620952204;u1=%5BProduct%5D;u2=%5BPage%20Name%5D;u3=%5BURL%5D;u4=%5BReferral%5D;u5=%5BLanguage%5D;u6=%5BJourney%20Step%5D;~oref=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

4372aba02e49d4c17fd18aebec8c3d74cddaaed59a4c9fc81d192c46d6bc9f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18092
x-xss-protection: 0
server: cafe
etag: 712763792371857225
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 06:06:49 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/674834224/ Frame FB98 3 KB
2 KB 71ms
69ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/674834224/?random=1682662009458&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIX5rrr0y_4CFQyesgodFCMOtw%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

6ac84f792c98211d9e91eefcde4f36dabd0f1dfd33aa7e9c08794a47f91436bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1622
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/674834224/ Frame 9DBA 3 KB
2 KB 69ms
69ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/674834224/?random=1682662009502&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPf4rrr0y_4CFZuGsgodCFEOxg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f67e448c3c602207d5117ff7404164930e1f1dbe6d2a72d2d247fc8644a3834f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1622
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.es/pagead/1p-conversion/674834224/ Frame FB98
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674834224/?random=1939782570&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/674834224/?random=1939782570&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C5122...
https://www.google.es/pagead/1p-conversion/674834224/?random=1939782570&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C51224...

42 B
455 B

232ms
88ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.es/pagead/1p-conversion/674834224/?random=1939782570&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIX5rrr0y_4CFQyesgodFCMOtw%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eWJLZMGmHtHQ7_UP29ySiAQ&cid=CAQSKQBygQiDovZ7GO22Jr6pIZKjbVUvqLCcSBLOlYP8n5_BqGjZKRroyEBe&random=344728749&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:06:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:06:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.es/pagead/1p-conversion/674834224/?random=1939782570&cv=9&fst=1682662009458&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIX5rrr0y_4CFQyesgodFCMOtw%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eWJLZMGmHtHQ7_UP29ySiAQ&cid=CAQSKQBygQiDovZ7GO22Jr6pIZKjbVUvqLCcSBLOlYP8n5_BqGjZKRroyEBe&random=344728749&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.es/pagead/1p-conversion/674834224/ Frame 9DBA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/674834224/?random=1402107817&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/674834224/?random=1402107817&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C5122...
https://www.google.es/pagead/1p-conversion/674834224/?random=1402107817&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C51224...

42 B
108 B

237ms
92ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.es/pagead/1p-conversion/674834224/?random=1402107817&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPf4rrr0y_4CFZuGsgodCFEOxg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eWJLZJzWIOG-9u8P3J26-Ao&cid=CAQSKQBygQiD2o5_WF2BiortmLUS-gkHVmf2-6bLbtCpMyqgTFD12n1b1oEg&random=2998505217&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://9852050.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:06:50 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Apr 2023 06:06:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.es/pagead/1p-conversion/674834224/?random=1402107817&cv=9&fst=1682662009502&num=1&npa=1&label=S1hGCOWN-eEBELDO5MEC&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9852050.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPf4rrr0y_4CFZuGsgodCFEOxg%3Bsrc%3D9852050%3Btype%3Doptim0%3Bcat%3Dperso0%3Bord%3D1374118205095%3Bgtm%3D2od5q1%3Bauiddc%3D1944792256.1620952204%3Bu1%3D%255BProduct%255D%3Bu2%3D%255BPage%2520Name%255D%3Bu3%3D%255BURL%255D%3Bu4%3D%255BReferral%255D%3Bu5%3D%255BLanguage%255D%3Bu6%3D%255BJourney%2520Step%255D%3B~oref%3Dhttps%253A%252F%252Fsso-osu.23323232-postescanada.ca%252Fpfe-pap%252Fen%252Fregistration%252Fpersonal&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=eWJLZJzWIOG-9u8P3J26-Ao&cid=CAQSKQBygQiD2o5_WF2BiortmLUS-gkHVmf2-6bLbtCpMyqgTFD12n1b1oEg&random=2998505217&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg

Domain: evaluation.23323232-postescanada.ca
URL: https://evaluation.23323232-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Page=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&Q_lang=EN&Q_CanScreenCapture=1

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg

Domain: evaluation.23323232-postescanada.ca
URL: https://evaluation.23323232-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Page=https%3A%2F%2Fsso-osu.23323232-postescanada.ca%2Fpfe-pap%2Fen%2Fregistration%2Fpersonal&Q_lang=EN&Q_CanScreenCapture=1

Domain: www.23323232.ca
URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canada Post (Transportation)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ca49635.click/	1969-12-31 23:59:59	Name: PHPSESSID Value: igvdcstdrg6hb18re6jpoh2a9q
			.doubleclick.net/	1970-01-20 20:45:58	Name: IDE Value: AHWqTUk4wul23sfhNCu0g8Q6rqTyZA8UQq3GDgK47XPg0z1DmZfUfE1swbYyWFmQ73w

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.23323232.ca/cpc/assets/cpc/img/logos/gov-canada-logo.svg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9852050.fls.doubleclick.net
adservice.google.com
adservice.google.es
ca49635.click
evaluation.23323232-postescanada.ca
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
www.23323232.ca
www.canadapost-postescanada.ca
www.canadapost.ca
www.google.com
www.google.es
www.googleadservices.com
www.gstatic.com
evaluation.23323232-postescanada.ca
www.23323232.ca
142.250.185.66
142.250.186.134
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2003
2a02:26f0:480:38d::1dc5
2a02:26f0:480:39d::1dc5
82.223.110.57
184c2793c50d17ac0c802520d61225648885b5bf175ddc0fa0af7b0a1b5a86a8
216da4960223c3fcc55a0fa7942b8c3ef1d21b7fb2143e7ec5e6cd32c13aa13f
2326977eb8049f3fc1811815fcf6e3ba7bebe40b006d9d410467e291181720d8
3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113
3282572fde87063e4842f0d7399f0af21c1daee8ddae0a82f6cb7b53b484932e
34fa6609f94441ff41a0063fd36620f077b2231b25ed2af63b50cab67f62aadc
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
39342ff6661a6c9b0ee66d968bc21ddecc75f752b5112d0835c6d447c48da5b3
414c504f2859b21de9702ccfa94241874e990ab2164dab3f15da79a2fe3c7033
4372aba02e49d4c17fd18aebec8c3d74cddaaed59a4c9fc81d192c46d6bc9f1a
4cf349c48fe62fe395985d6c8f206d02dcaec8ba8a36ad96902edcd4fdbd3b26
6042ad8c3bdcc3ab368872b5df39419ea249d06ff935990cd5d84e0318d3f091
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3
6ac84f792c98211d9e91eefcde4f36dabd0f1dfd33aa7e9c08794a47f91436bf
8608c8e2dcc2a14b5b21503077bf54d62a215a013a4eb7b80b09099d201a445e
87455028a326735882cbfe69b67ac225493263627e4118743f63730619dffcbb
8dc0e32f565fa87ae14baff1fe4adc70bcccc89ce41c93b7d6b78835bc95635d
a61def1cd61dedd0cccbcefcf32bf6e718434265d41fe7a16ab367fed074e57b
acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c22ce9b3a3e5eaf3d949c2a197872368dca2081323de527311b57c15369b5e7a
ccb5779747a3e1f77431c37182cfa9d968051279d2748e011644c0d31e85f14c
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87
e62e54914dbabecaaaa6b6ba4b605ec384be240d485555452e7e094a3c5d9b7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67e448c3c602207d5117ff7404164930e1f1dbe6d2a72d2d247fc8644a3834f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

ca49635.click Open in urlscan Pro 82.223.110.57 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

53 Requests

79 %HTTPS

75 %IPv6

11 Domains

15 Subdomains

11 IPs

3 Countries

371 kBTransfer

1346 kBSize

2 Cookies

17 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ca49635.click Open in urlscan Pro
82.223.110.57 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

79 %
HTTPS

75 %
IPv6

11
Domains

15
Subdomains

11
IPs

3
Countries

371 kB
Transfer

1346 kB
Size

2
Cookies

53 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!