www.returned.tracking-ca612056212qb.online Open in urlscan Pro
198.20.70.139 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.returned.tracking-ca612056212qb.online/
Effective URL:
https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
Submission: On February 23 via automatic, source certstream-suspicious (February 23rd 2022, 3:43:48 pm UTC) — Scanned from DE

Summary HTTP 217 Redirects Links 292 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 217 HTTP transactions. The main IP is 198.20.70.139, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is www.returned.tracking-ca612056212qb.online.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 23rd 2022. Valid for: 3 months.

This is the only time www.returned.tracking-ca612056212qb.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Canada Post (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 92	198.20.70.139 198.20.70.139	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 17	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
24	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 3	34.240.134.29 34.240.134.29	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:fb:... 2a02:26f0:fb:59e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.24 108.174.10.24	14413 (LINKEDIN) (LINKEDIN)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	52.50.54.3 52.50.54.3	16509 (AMAZON-02) (AMAZON-02)
1	34.248.44.115 34.248.44.115	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28f::1dc5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	52.31.233.74 52.31.233.74	16509 (AMAZON-02) (AMAZON-02)
8	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
10	104.111.224.53 104.111.224.53	16625 (AKAMAI-AS) (AKAMAI-AS)
217	23

92 198.20.70.139 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: phx26.stablehost.com

www.returned.tracking-ca612056212qb.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.240.134.29 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-134-29.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:59e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.86 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.24 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-24.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

sslstats.canadapost.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.54.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-54-3.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.44.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-44-115.eu-west-1.compute.amazonaws.com

canadapost.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28f::1dc5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.canadapost-postescanada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.233.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-233-74.eu-west-1.compute.amazonaws.com

canadapost.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.111.224.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-224-53.deploy.static.akamaitechnologies.com

evaluation.canadapost-postescanada.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	tracking-ca612056212qb.online 1 redirects www.returned.tracking-ca612056212qb.online	7 MB
28	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 bid.g.doubleclick.net — Cisco Umbrella Rank: 448	263 KB
24	qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 1020 zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com — Cisco Umbrella Rank: 176034	106 KB
19	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	2 KB
17	google.de www.google.de — Cisco Umbrella Rank: 6342	2 KB
14	canadapost-postescanada.ca www.canadapost-postescanada.ca — Cisco Umbrella Rank: 93090 evaluation.canadapost-postescanada.ca — Cisco Umbrella Rank: 157214	359 KB
4	gstatic.com fonts.gstatic.com	63 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	4 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 187 canadapost.demdex.net — Cisco Umbrella Rank: 173591	6 KB
3	scorecardresearch.com b.scorecardresearch.com Failed sb.scorecardresearch.com — Cisco Umbrella Rank: 129	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	113 KB
2	canadapost.ca sslstats.canadapost.ca — Cisco Umbrella Rank: 150947	748 B
1	omtrdc.net canadapost.tt.omtrdc.net — Cisco Umbrella Rank: 162663	416 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 881	517 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	adobedtm.com assetss.adobedtm.com Failed assets.adobedtm.com — Cisco Umbrella Rank: 505	28 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146 Failed	28 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
217	19

	Domain	Requested by
92	www.returned.tracking-ca612056212qb.online	1 redirects www.returned.tracking-ca612056212qb.online
21	siteintercept.qualtrics.com	www.returned.tracking-ca612056212qb.online siteintercept.qualtrics.com
19	www.google.com	1 redirects www.returned.tracking-ca612056212qb.online
17	www.google.de	www.returned.tracking-ca612056212qb.online
17	googleads.g.doubleclick.net	1 redirects www.returned.tracking-ca612056212qb.online www.googleadservices.com
10	evaluation.canadapost-postescanada.ca	evaluation.canadapost-postescanada.ca
8	bid.g.doubleclick.net	www.returned.tracking-ca612056212qb.online
4	fonts.gstatic.com	fonts.googleapis.com
4	www.canadapost-postescanada.ca	www.returned.tracking-ca612056212qb.online
3	zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com	www.returned.tracking-ca612056212qb.online
3	sb.scorecardresearch.com	1 redirects www.returned.tracking-ca612056212qb.online
3	dpm.demdex.net	1 redirects www.returned.tracking-ca612056212qb.online
3	securepubads.g.doubleclick.net	www.returned.tracking-ca612056212qb.online www.googletagservices.com
3	www.googletagmanager.com	www.returned.tracking-ca612056212qb.online www.googletagmanager.com
2	sslstats.canadapost.ca	www.returned.tracking-ca612056212qb.online
2	px.ads.linkedin.com	2 redirects
1	canadapost.demdex.net	www.returned.tracking-ca612056212qb.online
1	canadapost.tt.omtrdc.net	www.returned.tracking-ca612056212qb.online
1	cm.everesttech.net	1 redirects
1	px4.ads.linkedin.com	www.returned.tracking-ca612056212qb.online
1	www.linkedin.com	1 redirects
1	assets.adobedtm.com	www.returned.tracking-ca612056212qb.online
1	fonts.googleapis.com	www.returned.tracking-ca612056212qb.online
1	www.googletagservices.com	www.returned.tracking-ca612056212qb.online
1	snap.licdn.com	www.returned.tracking-ca612056212qb.online
1	www.googleadservices.com	www.returned.tracking-ca612056212qb.online
0	assetss.adobedtm.com Failed	www.returned.tracking-ca612056212qb.online
0	b.scorecardresearch.com Failed	www.returned.tracking-ca612056212qb.online
217	28

This site contains links to these domains. Also see Links.

Domain
www.canadapost-postescanada.ca
sso-osu.canadapost-postescanada.ca
jobs.canadapost.ca
itunes.apple.com
play.google.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
evaluation.canadapost-postescanada.ca
infopost.ca
mysite.canadapost.ca
www.canada.ca

Subject Issuer	Validity	Valid
returned.tracking-ca612056212qb.online cPanel, Inc. Certification Authority	`2022-02-23` - `2022-05-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-24` - `2022-09-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sslstats.canadapost.ca DigiCert TLS RSA SHA256 2020 CA1	`2021-04-06` - `2022-05-07`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.canadapost.ca GeoTrust RSA CA 2018	`2021-06-24` - `2022-06-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
akamaisecure7.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-20` - `2022-05-21`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
Frame ID: C6165FA7FA5D05CD4718ECDDAE63F158
Requests: 185 HTTP requests in this frame

Frame: https://canadapost.demdex.net/dest5.html?d_nsid=0
Frame ID: C779C2859C922E4EA07F941979D242E7
Requests: 1 HTTP requests in this frame

Frame: https://www.returned.tracking-ca612056212qb.online/restor/assetss/dest5.html
Frame ID: 092D948A54AE7AF9A96EC8EEC101EE4C
Requests: 1 HTTP requests in this frame

Frame: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
Frame ID: E1F7DB1605EC72931D454D6C56BCD2AF
Requests: 12 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: A880B1A27AAB6BFA7BF174D298154ACE
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 2FBDB6C97D97A366F1B5C843B61DA497
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: D724A3FD91838084A625B8675AEADB26
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: EE05FA204290E7DAF93E85A112EC2756
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 79AECACF0AC58C5BCA40C80F7FFBD1B8
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: C45F0C43FF20CA6941C8DBF02A76E41E
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 16E00E07A9EE2391C25375CBD3F0BCB8
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 36EF51EACE3E499E8D2A0CB604941641
Requests: 1 HTTP requests in this frame

Frame: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
Frame ID: 704298C84305246E6CEC4D55E80AC6E4
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canada Post - Track a package by tracking numberFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTubeFacebookTwitterInstagramLinkedinYouTube

Page URL History Show full URLs

https://www.returned.tracking-ca612056212qb.online/ HTTP 302
https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

217
Requests

95 %
HTTPS

48 %
IPv6

19
Domains

28
Subdomains

23
IPs

5
Countries

8591 kB
Transfer

11694 kB
Size

31
Cookies

292 Outgoing links

These are links going to different origins than the main page.

URL: https://www.canadapost-postescanada.ca/track-reperage/en#main-content
Title: Skip to Main Content

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/track-reperage/en
Title: Menu

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal.page
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business.page
Title: Business

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company.page
Title: Our company

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/home
Title: Store

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/tools.page
Title: Tools

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/track-reperage/undefined

Search URL Search Domain Scan URL

URL: https://sso-osu.canadapost-postescanada.ca/lfe-cap/en/forgot-username?&sourceUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Ftrack-reperage%2Fen&targetUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Ftrack-reperage%2Fen%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&targetUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&targetUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&targetUrl=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008%26forceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue
Title: Username?

Search URL Search Domain Scan URL

URL: https://sso-osu.canadapost-postescanada.ca/lfe-cap/en/forgot-password?&sourceUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Ftrack-reperage%2Fen&targetUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Ftrack-reperage%2Fen%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&targetUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&targetUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&targetUrl=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008%26forceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue
Title: Password?

Search URL Search Domain Scan URL

URL: https://sso-osu.canadapost-postescanada.ca/pfe-pap/en/registration?&sourceUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Ftrack-reperage%2Fen&targetUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Ftrack-reperage%2Fen%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?stepupId=smb_mode1,consumer,commercial_link,smb_link&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&targetUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?stepupId=smb_mode1,consumer,commercial_link,smb_link&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&targetUrl=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html%3FforceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue?stepupId=smb_mode1,consumer,commercial_link,smb_link&templateId=cpcapps&language=en&manifestId=cpgSecurity&sourceUrl=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&targetUrl=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008%26forceVouchFor%3Dtrue&businessUrl=https%3A%2F%2Fwww.canadapost.ca%2Fdash-tableau%2Fen%2F%3FforceVouchFor%3Dtrue
Title: Register now

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/dash-tableau/en
Title: Dashboard

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/pfe2-pap2/en
Title: My Profile

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpotools/apps/ccm/support
Title: My Support

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/support.page
Title: Support

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal.page
Title: Personal Learn about mailing services for individuals.

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving.page
Title: Receiving

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/manage-mail.page
Title: Manage your mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/manage-mail/mail-forwarding.page
Title: Forward your mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/manage-mail/mail-forwarding/custom-commercial.page
Title: Customized Mail Forwarding for commercial customers

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/manage-mail/hold-mail.page
Title: Hold your mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/manage-mail/epost.page
Title: Get bills and statements online (epost)

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/alternative-delivery.page
Title: Alternative delivery options

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/alternative-delivery/flexdelivery.page
Title: Deliver purchases to post office (FlexDelivery)

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/alternative-delivery/post-office-box.page
Title: Rent a post office box

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/alternative-delivery/parcel-lockers.page
Title: Parcel lockers

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/moving-house.page
Title: Moving to a new home

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/track-reperage/en
Title: Track a package

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/automatic-tracking.page
Title: Automatic tracking

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/information/app/fpo/personal/findpostoffice
Title: Find a post office

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/mobile-app.page
Title: Our mobile app

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending.page
Title: Sending

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/letters-mail.page
Title: Letters and mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/letters-mail/postage-rates.page
Title: Postage rates

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/letters-mail/letter-size.page
Title: Letter weight and size

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/letters-mail/registered-mail.page
Title: Register your mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/letters-mail/custom-stamps.page
Title: Create custom stamps

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels.page
Title: Parcels

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/ship-online.page
Title: Ship online

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/return-labels.page
Title: Return your purchase

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/restrictions.page
Title: View restrictions

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/restrictions/cannabis.page
Title: Cannabis

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/restrictions/firearms.page
Title: Firearms

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-canada.page
Title: Compare shipping services in Canada

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-canada/regular.page
Title: Regular Parcel

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-canada/xpresspost.page
Title: Xpresspost

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-canada/priority.page
Title: Priority

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international.page
Title: Compare international shipping services

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/small-packet-usa.page
Title: Small Packet USA

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/small-packet-international.page
Title: Small Packet International – Air or Surface

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/xpresspost-international.page
Title: Xpresspost – International

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/xpresspost-usa.page
Title: Xpresspost – USA

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/tracked-packet-international.page
Title: Tracked Packet – International

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/tracked-packet-usa.page
Title: Tracked Packet – USA

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/expedited-usa.page
Title: Expedited Parcel – USA

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/international-parcel.page
Title: International Parcel – Air or Surface

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/compare-services-international/priority-worldwide.page
Title: Priority Worldwide

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/information/app/wtz/business/landedCost
Title: Estimate duties and taxes

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/information/app/cdc
Title: Complete customs form

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/parcels/flat-rate-box.page
Title: Flat rate boxes

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/quick-tools.page
Title: Access our quick tools

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/information/app/far/business/findARate
Title: Find a rate

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/tools/delivery-standards.page
Title: Find a delivery standard

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/info/mc/personal/postalcode/fpc.jsf
Title: Find a postal code

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services.page
Title: Money and government services

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/send-money.page
Title: Send money

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/send-money/money-orders.page
Title: Money orders

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/send-money/international-money-transfers.page
Title: International money transfer (MoneyGram)

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money.page
Title: Manage money

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/prepaid-cards.page
Title: Prepaid reloadable cards

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/prepaid-cards/mastercard.page
Title: Mastercard

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/prepaid-cards/mastercard/overview.page
Title: Get to know your card

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/prepaid-cards/mastercard/how-to-get-started.page
Title: How to get started

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/prepaid-cards/mastercard/how-it-works.page
Title: How it works

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/prepaid-cards/mastercard/contact-us.page
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/prepaid-cards/mastercard/faq.page
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/prepaid-services-mobile-recharge.page
Title: Other prepaid services

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/manage-money/foreign-currency-delivery.page
Title: Foreign cash delivery

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/gift-cards.page
Title: Gift cards

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/money-government-services/tax-forms-hunting-permit.page
Title: Government forms and permits

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/collectibles.page
Title: Collectible stamps and coins

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/collectibles/stamp-stories.page
Title: Canadian stamp stories

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/collectibles/stamp-stories/details-magazine-collections-catalogue.page
Title: Details magazine collections catalogue

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/collectibles/suggest-stamp.page
Title: Suggest a stamp

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/collectibles/pictorial-cancels.page
Title: Pictorial cancels

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business.page
Title: Business Learn about mailing services for businesses of all sizes.

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping.page
Title: Shipping

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/canada.page
Title: Ship in Canada

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/find-rates-ship.page
Title: Find a rate and ship

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/find-rates-ship/snap-ship.page
Title: Snap Ship

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/find-rates-ship/shipping-manager.page
Title: Shipping Manager

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/find-rates-ship/est-2.page
Title: EST 2.0

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/canada/compare.page
Title: Compare shipping services

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/canada/compare/regular.page
Title: Regular Parcel

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/canada/compare/expedited.page
Title: Expedited Parcel

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/canada/compare/xpresspost.page
Title: Xpresspost

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/canada/compare/priority.page
Title: Priority

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/restrictions.page
Title: View restrictions

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/restrictions/cannabis.page
Title: Cannabis

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/compare-shipping-tools.page
Title: Choose a shipping tool

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/third-party-shipping-software.page
Title: Third-party shipping software

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international.page
Title: Ship internationally

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare.page
Title: Compare shipping services

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/small-packet-usa.page
Title: Small Packet – USA

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/small-packet-international.page
Title: Small Packet International – Air or Surface

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/tracked-packet-usa.page
Title: Tracked Packet – USA

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/tracked-packet-international.page
Title: Tracked Packet – International

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/expedited-parcel-usa.page
Title: Expedited Parcel – USA

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/international-parcel.page
Title: International Parcel – Air or Surface

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/xpresspost-usa.page
Title: Xpresspost – USA

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/xpresspost-international.page
Title: Xpresspost – International

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/international/compare/priority-worldwide.page
Title: Priority Worldwide

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/information/app/wtz/business/findHsCode
Title: Find customs codes

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/track-find.page
Title: Track and find

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/information/app/fdl/business/findDepositLocation
Title: Find a drop-off location

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/package-redirection.page
Title: Package Redirection

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/request-pickup.page
Title: Request a pickup

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/returns.page
Title: Simplify returns

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/shipping/returns/customer-return-policy.page
Title: Customer return policy

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/shipping/
Title: Get shipping resources and articles

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing.page
Title: Marketing

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign.page
Title: Launch a campaign

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/reach-every-mailbox.page
Title: Reach every mailbox

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/reach-every-mailbox/precision-targeter.page
Title: Precision Targeter

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/reach-every-mailbox/precision-targeter/get-to-the-tool.page
Title: Get to the tool

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/reach-every-mailbox/precision-targeter/create-mailing-plan.page
Title: Create a mailing plan

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/reach-every-mailbox/precision-targeter/review-your-mailing-plan.page
Title: Review your mailing plan

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/reach-every-mailbox/precision-targeter/map-buttons.page
Title: Map buttons

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/reach-every-mailbox/precision-targeter/data-view-buttons.page
Title: Data view buttons

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/reach-every-mailbox/precision-targeter/menu-buttons.page
Title: Menu buttons

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/sam/
Title: Snap Admail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/tools/marketing/find-a-partner.page
Title: Find a partner

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/discover-similar-customers.page
Title: Discover similar customers

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/send-personalized-mail.page
Title: Send Personalized Mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/campaign/why-direct-mail-marketing.page
Title: Why direct mail marketing?

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/audience.page
Title: Audience insights and solutions

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/audience/rent-list.page
Title: Rent our prospect lists

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/audience/clean-list.page
Title: NCOA Mover Data

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/audience/clean-your-customer-lists/ncoa-mover-data-service.page
Title: NCOA mover data service

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/audience/insights.page
Title: Get audience insights

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/audience/license-data.page
Title: License our data

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/marketing/
Title: Get marketing resources and articles

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce.page
Title: E-commerce

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/start-selling-online.page
Title: Start selling online

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/ecommerce-awards/home.page
Title: E-commerce Innovation Awards

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/enhance.page
Title: Enhance your e-commerce operations

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/enhance/verify-addresses.page
Title: Verify customer addresses

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/enhance/display-rates-delivery-dates.page
Title: Display rates and delivery dates

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/enhance/parcel-tracking.page
Title: Provide parcel tracking

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/enhance/ship-from-store.page
Title: Ship from a store

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/enhance/deliver-to-post-office.page
Title: Deliver to a post office

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/ecommerce/integrate-apis.page
Title: Integrate with our APIs

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/ecommerce/
Title: Get e-commerce resources and articles

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/small-business.page
Title: Small business

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/small-business/shipping-discounts.page
Title: Shipping discounts

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/small-business/third-party-discounts.page
Title: Exclusive discounts

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/small-business/direct-mail-savings.page
Title: Direct mail discounts

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services.page
Title: Postal services

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/mailing.page
Title: Mailing

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/mailing/letter-discounts.page
Title: Get business letter discounts

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/mailing/send-publications.page
Title: Send publications

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/mailing/prepaid-reply-mail.page
Title: Prepaid reply mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/mailing/prepaid-reply-mail/design-track.page
Title: Design and track reply mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/mailing/register.page
Title: Register your mail

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/money-prepaid-cards.page
Title: Money services and prepaid cards

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/money-prepaid-cards/money-orders.page
Title: Money orders

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/money-prepaid-cards/credit-cards.page
Title: Prepaid credit cards

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/money-prepaid-cards/mobile-top-ups-prepaid-products.page
Title: Gift cards and prepaid products

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/rent-postal-box.page
Title: Rent a post office box

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/digital-mail.page
Title: Digital mail and document sharing

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/digital-mail/epost-connect.page
Title: Share confidential files digitally (Connect)

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/digital-mail/epost.page
Title: Send digital mail securely

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/digital-proof-identity.page
Title: Verify customer identity

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/stamps-meters.page
Title: Purchase stamps and meters

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/order-parcel-locker.page
Title: Request a parcel locker

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/postal-services/commercial-invoices.page
Title: Billing and Invoices

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/
Title: Articles and resources

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/shipping/shipping-insights
Title: Shipping articles

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/shipping/shipping-resources/
Title: Shipping resources

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/events/featured.page
Title: Shipping events

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/marketing/marketing-insights
Title: Marketing articles

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/marketing/marketing-resources
Title: Marketing resources

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/events/marketing.page
Title: Marketing events

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/ecommerce/ecommerce-insights
Title: E-commerce articles

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business/category/ecommerce/ecommerce-resources
Title: E-commerce resources

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/business/marketing/events/ecommerce.page
Title: E-commerce events

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company.page
Title: Our Company Learn about Canada Post and shipping service alerts.

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us.page
Title: About us

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership.page
Title: Our leadership

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership/senior-management-team.page
Title: Senior management team

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership/corporate-governance.page
Title: Corporate governance

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership/corporate-governance/role-of-the-board.page
Title: Role of the Board

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership/corporate-governance/directors-biographies.page
Title: Directors' biographies

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership/corporate-governance/directors-committees.page
Title: Directors' committees

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership/corporate-governance/diversity-on-our-board.page
Title: Board diversity

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership/travel-and-hospitality-policy.page
Title: Travel and hospitality policy

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/our-leadership/travel-and-hospitality-policy/travel-and-hospitality-expenses.page
Title: Travel and hospitality expenses

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-sustainability.page
Title: Corporate sustainability

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-sustainability/environment-responsibility.page
Title: Environmental responsibility

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-responsibility/accessibility.page
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-responsibility/accessibility/digital-accessibility.page
Title: Digital accessibility

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-responsibility/accessibility/delivery-accommodation-program.page
Title: Delivery accommodation program

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-responsibility/accessibility/advisory-panel.page
Title: Accessibility advisory panel

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-responsibility/archived-corporate-reports.page
Title: Archived corporate reports

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-sustainability/indigenous-reconciliation.page
Title: Indigenous and Northern reconciliation

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/transparency-and-trust.page
Title: Transparency and trust

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/transparency-and-trust/privacy-centre.page
Title: Privacy centre

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/transparency-and-trust/access-to-information.page
Title: Access to information

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/legislation-and-regulations.page
Title: Legislation and regulations

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/financial-reports.page
Title: Financial reports

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/financial-reports/quarterly-financial-reports.page
Title: Quarterly financial reports

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/financial-reports/2020-annual-report/an-unprecedented-year.page
Title: 2020 Annual report

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities.page
Title: Giving back to our communities

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/canada-post-community-foundation.page
Title: Canada Post Community Foundation

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/canada-post-community-foundation/community-foundation-application.page
Title: Community Foundation application

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/canada-post-community-foundation/community-foundation-trustees.page
Title: Community Foundation trustees

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/canada-post-community-foundation/community-foundation-grant-recipients.page
Title: Community Foundation grant recipients

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/canada-post-awards-for-indigenous-students.page
Title: Canada Post Awards for Indigenous Students

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/canada-post-awards-for-indigenous-students/education-award-recipients.page
Title: Education award recipients

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/write-a-letter-to-santa.page
Title: Write a letter to Santa

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/write-a-letter-to-santa/santa-program-for-parents.page
Title: Santa letter tips for parents

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/write-a-letter-to-santa/santa-program-for-teachers.page
Title: Santa letter tips for teachers

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/giving-back-to-our-communities/kids-postal-service-activities.page
Title: Kids postal service activities

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/jobs.page
Title: Jobs

Search URL Search Domain Scan URL

URL: https://jobs.canadapost.ca/go/Canada-Post-All-Current-Opportunities/2319117/
Title: Apply for current opportunities

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/business-opportunities.page
Title: Business opportunities

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/business-opportunities/contracts-for-your-business.page
Title: Contract work for your business

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/business-opportunities/contracts-for-your-business/goods-and-services-contracts.page
Title: Goods and services contracts

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/business-opportunities/contracts-for-your-business/transportation-contracts.page
Title: Transportation contracts

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/business-opportunities/become-an-authorized-retailer.page
Title: Become an authorized retail partner

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media.page
Title: News and media

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/service-alerts.page
Title: Service alerts

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/service-alerts/service-alerts-archive.page
Title: Service alerts archive

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/corporate-news.page
Title: Corporate news

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/corporate-news/news-release-list.page
Title: News releases

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/corporate-news/closures-and-service-interruptions-list.page
Title: Closures and service interruptions

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/corporate-news/negotiations-list.page
Title: Negotiations updates

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/corporate-news/coronavirus-disease-covid-19.page
Title: COVID-19 updates

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/corporate-news/coronavirus-disease-covid-19/coronavirus-disease-covid-19-faq.page
Title: COVID-19 frequently asked questions

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/media-centre.page
Title: Media centre

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/media-centre/photo-gallery.page
Title: Photo gallery

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/media-centre/b-roll-footage.page
Title: B-roll footage

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/media-centre/canada-post-logos.page
Title: Canada Post logos

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/1/c/mailing-and-shipping
Title: Mailing and shipping

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/5/c/postage-stamps
Title: Postage stamps

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/8/c/flat-rate-prepaid-products
Title: Flat rate (prepaid) products

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/38/c/flat-rate-prepaid-products-and-shipping-regions
Title: Flat rate (prepaid) products and shipping regions

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/7/c/shipping-supplies
Title: Shipping supplies

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/2/c/stamp-collecting
Title: Stamp collecting

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/10/c/stamps-and-collectibles
Title: Stamps and collectibles

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/13/c/stamp-collecting-accessories
Title: Stamp collecting accessories

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/14/c/postcards
Title: Postcards

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/3/c/coin-collecting
Title: Coin collecting

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/15/c/new-arrivals
Title: New arrivals

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/16/c/coins-and-collectables
Title: Coins and coin sets

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/store-boutique/en/17/c/coin-collecting-accessories
Title: Coin albums and accessories

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/quick-order
Title: Quick Order

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/favourites
Title: Favourites

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/manage-mail/epost.page
Title: epost

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/corporate-news/coronavirus-disease-covid-19.page?icid=display_c_int_hero_covid_100
Title: More Information.

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/support/kb/receiving/tracking/learn-about-tracking-number-formats
Title: See more examples of tracking numbers and where to find them

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/support/kb/receiving/tracking
Title: See more support

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ca/app/canada-post/id394391577?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.canadapost.android

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/support
Title: support page.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/canadapost
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/canadapostcorp
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/canadapostagram/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/canada-post?trk=company_name
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/postescanadapost
Title: YouTube

Search URL Search Domain Scan URL

URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_lang=EN
Title: Website feedback

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/support.page#panel2-3
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us.page
Title: About us

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/media-centre.page
Title: Media centre

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/jobs.page
Title: Careers

Search URL Search Domain Scan URL

URL: https://infopost.ca/
Title: I'm an employee

Search URL Search Domain Scan URL

URL: https://mysite.canadapost.ca/saml2/idp/sso?saml2sp=https%3A%2F%2Fwww.successfactors.com%2FS000016952T1&RelayState=%2Fsf%2Fhome
Title: Talent Zone

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/news-and-media/corporate-news/negotiations-list.page
Title: Negotiations Updates

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/business
Title: Business Matters

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/blogs/personal
Title: Canada Post Magazine

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/track-reperage/en#panelSupport
Title: Support

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/track-reperage/en#panelCorporate
Title: Corporate

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/track-reperage/en#panelBlogs
Title: Blogs

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/corporate-responsibility/accessibility.page
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/support/kb/general-inquiries/general-information/legal-terms-of-use-and-conditions
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/about-us/transparency-and-trust/privacy-centre.page
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/our-company/research-panel.page
Title: Research

Search URL Search Domain Scan URL

URL: https://www.canada.ca/

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/sending/letters-mail/postage-rates.page
Title: Stamp prices

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/personal/receiving/manage-mail/mail-forwarding.page
Title: Mail Forwarding

Search URL Search Domain Scan URL

URL: https://www.canadapost-postescanada.ca/cpc/en/support/postal-services-information.page
Title: All postal guides

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.returned.tracking-ca612056212qb.online/ HTTP 302
https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1645631019356 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1645631019356

Request Chain 76

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9198&time=1645631019430&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9198%26time%3D1645631019430%26url%3Dhttps%253A%252F%252Fwww.returned.tracking-ca612056212qb.online%252Frestor%252Findex.php%253Fid%253D69363191008%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9198&time=1645631019430&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9198&time=1645631019430&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&liSync=true&e_ipv6=AQIjiwSXvQqU9AAAAX8nQJzi464_sxW-WeHNXu0Or8A2Evd8vMuNTEgkQxTMxdKpXcXmEBSV

Request Chain 78

https://cm.everesttech.net/cm/dd?d_uuid=55636192172885478551983991337108007640 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YhZWKwAAAF48SwQS

Request Chain 138

https://sb.scorecardresearch.com/b?c1=2&c2=6035946&ns__t=1645631019933&ns_c=UTF-8&cv=3.5&c8=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&c7=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035946&ns__t=1645631019933&ns_c=UTF-8&cv=3.5&c8=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&c7=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&c9=

Request Chain 147

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020052&cv=9&fst=1645631020052&num=1&fmt=3&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020052&cv=9&fst=1645628400000&num=1&fmt=3&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&is_vtc=1&random=3364624597&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020052&cv=9&fst=1645628400000&num=1&fmt=3&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&is_vtc=1&random=3364624597&resp=GooglemKTybQhCsO&ipr=y

217 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
www.returned.tracking-ca612056212qb.online/restor/
Redirect Chain

https://www.returned.tracking-ca612056212qb.online/
https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

918 KB
113 KB

147ms
147ms

Document
text/html

198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

f682c864bef112716681870dfe001f193b6dff8d61438e0b41df4ff808c4007f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Feb 2022 15:43:38 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000

Redirect headers

location: restor/index.php?id=69363191008
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 23 Feb 2022 15:43:37 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 normalize.css
www.returned.tracking-ca612056212qb.online/restor/assetss/ 2 KB
890 B 397ms
397ms Stylesheet
text/css 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/normalize.css

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

7ee8d6c9a9e632ce12cd03615ec4c59c98f2070797cdea0721edf2c18c483258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:06 GMT
server: LiteSpeed
etag: "7dc-6212ea6a-1c84eb893a4ae62e;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 754
expires: Wed, 02 Mar 2022 15:43:38 GMT

GET
H2 200 foundation.css
www.returned.tracking-ca612056212qb.online/restor/assetss/ 99 KB
11 KB 397ms
397ms Stylesheet
text/css 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/foundation.css

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

66d78a88ac5fae12289a6a83304523a3721842866c3d75e2617dd3e51d07e186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:06 GMT
server: LiteSpeed
etag: "18d9e-6212ea6a-16ef1c45060e0bca;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11251
expires: Wed, 02 Mar 2022 15:43:38 GMT

GET
H2 200 cpc-main.css
www.returned.tracking-ca612056212qb.online/restor/assetss/ 461 KB
55 KB 397ms
397ms Stylesheet
text/css 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/cpc-main.css

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

d53225ddcfc6d2d917cf2b1b8177a5a6c08d394ae73e9d167af90120052a4712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:06 GMT
server: LiteSpeed
etag: "7345f-6212ea6a-5b6dced0f3b415ae;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 55749
expires: Wed, 02 Mar 2022 15:43:38 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 148ms
56ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Feb 2022 15:43:39 GMT

GET
H/1.1 200
OK insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 31ms
11ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 15:43:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 23:50:54 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=55535
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 144ms
51ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9731613739610ed50bce764c43dc12646c68081e08b9ac08a9251c28a620d0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37061
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Feb 2022 15:43:39 GMT

GET
H2 200 insight.old.min.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 5 KB
5 KB 140ms
139ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/insight.old.min.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
last-modified: Mon, 21 Feb 2022 01:27:06 GMT
server: LiteSpeed
etag: "124c-6212ea6a-8ac616c79b364a13;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 4684

GET
H2 200 insight.min.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 1006 B
1 KB 140ms
139ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/insight.min.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
last-modified: Mon, 21 Feb 2022 01:27:06 GMT
server: LiteSpeed
etag: "3ee-6212ea6a-682a63bb2b5392b1;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 1006

GET
H2 200 uwt.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 14 KB
14 KB 145ms
144ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/uwt.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
last-modified: Mon, 21 Feb 2022 01:27:06 GMT
server: LiteSpeed
etag: "3847-6212ea6a-325bada0bcf401e7;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 14407

GET
H2 404 614267586032718
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 143ms
132ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/614267586032718

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 fbevents.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 163ms
151ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/fbevents.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 f.txt Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 39 KB
14 KB 163ms
151ms Script
text/plain 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/f.txt

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "9b33-6212ea6c-e35a4a1cdcf311b6;br"
vary: Accept-Encoding
content-type: text/plain
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 14477

GET
H2 200 js Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 101 KB
101 KB 163ms
151ms Script
text/plain 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/js

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

8e4233cf902e370627e859eef38b531751d45a9960f1ea0ad1c9facbc8747894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "19312-6212ea6c-a9f4bd7073a62dfa;;;"
content-length: 103186
strict-transport-security: max-age=31536000

GET
H2 200 gpt.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 82 KB
82 KB 166ms
154ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/gpt.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

baf7bb0d02adef3079a78ae9bbe9fc6f501c684149a2e629a5e7035f9a073e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "14778-6212ea6c-7791d41c67aa3b8;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 83832

GET
H2 404 beacon.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 168ms
156ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/beacon.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 modernizr.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 12 KB
12 KB 676ms
676ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/modernizr.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

fdf4c25db95cf6328c5802bb3bd40a85d3e8c396d2beb17ce2a1795a1d5f1b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "30f0-6212ea6c-c8983e407590adc;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 12528

GET gpt.js
www.googletagservices.com/tag/js/ 0
0

GET beacon.js
b.scorecardresearch.com/ 0
0

GET gpt.js
www.googletagservices.com/tag/js/ 0
0

GET beacon.js
b.scorecardresearch.com/ 0
0

GET
H2 200 pubads_impl_2022021401.js Show response
securepubads.g.doubleclick.net/gpt/ 360 KB
121 KB 143ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 15:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123280
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 09:43:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 Feb 2023 15:57:08 GMT

GET
H2 200 jquery.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 108 KB
109 KB 573ms
572ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/jquery.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

f1581dad5fdb0dc5ca66b9f4d58fc40cefcace189fb9837006ca21fc81838d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "1b16c-6212ea6c-514a96a8582ec5d6;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 110956

GET
H2 200 foundation.min.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 100 KB
100 KB 692ms
691ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/foundation.min.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

764b332510d18ffd6cd304877faffc714cfe18bb77699517eaab9fe3720c9757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "190a5-6212ea6c-3b80b325c440317;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 102565

GET
H2 200 satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 604 KB
605 KB 692ms
692ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

8d37960007b92b40c57fde3298c4494f4e0f0f883943a9fa95634ba42cecedb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "97087-6212ea6c-97b3cb1ecf10f6d1;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 618631

GET EXb471ab3b98694cd895b87487d7a7c6ec-libraryCode_source.min.js
assetss.adobedtm.com/0ccf8b9a711f/6e634e5f652e/7fc36888b1ad/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 67ms
56ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9852050

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9533f31233af17cdddf24593ca694f0b884c172505a44f735a695c6ac97c7138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37058
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Feb 2022 15:43:39 GMT

GET
H2 200 EXb471ab3b98694cd895b87487d7a7c6ec-libraryCode_source.min.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 80 KB
80 KB 420ms
409ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/EXb471ab3b98694cd895b87487d7a7c6ec-libraryCode_source.min.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

279d83c910b426bd368771e048026e1b7e7481007b7290313f714a729be39c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "13fd6-6212ea6c-2628a7e9e87c13f6;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 81878

GET
H2 200 js(1) Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 91 KB
91 KB 442ms
430ms Script
text/plain 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/js(1)

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

eb7f8cff0e454007855e6b717b4e5de338b8d6dad3cd4f97dcd95634e87317f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "16aa9-6212ea6c-a86ffd5795e1f7dd;;;"
content-length: 92841
strict-transport-security: max-age=31536000

GET
H2 200 styles.9321307f74cfdcfd6496.bundle.css
www.returned.tracking-ca612056212qb.online/restor/assetss/ 61 KB
9 KB 293ms
293ms Stylesheet
text/css 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/styles.9321307f74cfdcfd6496.bundle.css

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

5f76040b069b0d9db0e42bc3801d56303e101aa8b7c1a6804b58c378b14dc4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
last-modified: Tue, 22 Feb 2022 01:10:12 GMT
server: LiteSpeed
etag: "f58e-621437f4-f939656b8fa08a26;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9624
expires: Wed, 02 Mar 2022 15:43:38 GMT

GET
H2 200 pubads_impl_2022021502.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 360 KB
360 KB 444ms
433ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/pubads_impl_2022021502.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "5a047-6212ea6c-10ff29b4b53c1765;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 368711

GET
H2 200 f(1).txt Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 2 KB
1 KB 691ms
691ms Script
text/plain 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/f(1).txt

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

ecf0a124a7b3aa98d268e5de6d592d2e5d9ec1797673eac8138d44b405f7848d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "75c-6212ea6c-34048f1d6433d64f;br"
vary: Accept-Encoding
content-type: text/plain
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1051

GET
H2 200 f(2).txt Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 2 KB
1 KB 692ms
692ms Script
text/plain 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/f(2).txt

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

4e1bc302a3c17f005a0ff883d30b7da6b3d71b1552a6e5d0722cc7fffd0ac285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:08 GMT
server: LiteSpeed
etag: "7e5-6212ea6c-f0fd855a708a4bcf;br"
vary: Accept-Encoding
content-type: text/plain
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1106

GET
H2 404 0.daa8dafbeac9b9d6931c.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 555ms
544ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/0.daa8dafbeac9b9d6931c.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 3.34cfdbb2a8d9baa72272.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 556ms
545ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/3.34cfdbb2a8d9baa72272.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 5.bf3a9a81d85929e6b940.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 556ms
545ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/5.bf3a9a81d85929e6b940.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 1.981c59ed3d5af1c8cf92.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 556ms
546ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/1.981c59ed3d5af1c8cf92.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 2.833008e4dd9d1e198616.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 556ms
546ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/2.833008e4dd9d1e198616.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 4.68343833f84c30f7c18e.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 557ms
547ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/4.68343833f84c30f7c18e.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 6.98e7fbef002f8f6dbc7f.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 557ms
547ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/6.98e7fbef002f8f6dbc7f.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 7.1c47863d901fc559ca9e.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 557ms
548ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/7.1c47863d901fc559ca9e.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 8.c0b379cf51ab59cc778e.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 558ms
548ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/8.c0b379cf51ab59cc778e.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 11.f94ae62479d5b3566b98.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 335ms
334ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/11.f94ae62479d5b3566b98.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 4.add54fa9a4302d9dcee6.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 335ms
334ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/4.add54fa9a4302d9dcee6.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 1.452834941ec50883cf7b.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 336ms
333ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/1.452834941ec50883cf7b.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 142ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463500048&cv=9&fst=1645463500048&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

123bf26ccf7cad4cb9c950a263fe5a94a7a82efd355d185c6c9e4843044efb5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
2 KB 140ms
50ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463822811&cv=9&fst=1645463822811&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

845e32df3520459c7432a3cce5a9f4ef03b71592561d57698be3b7e0bd95d06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 3 KB
1 KB 144ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463822816&cv=9&fst=1645463822816&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2329a6a482f246bc4363b4dcfa4b53594469406e03fe8209ee50740d1bcefa2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 177ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463822817&cv=9&fst=1645463822817&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6546d3170b3132fbb068530421ddd689414dfa72e5710aa75dde65249dddab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1089
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 3 KB
1 KB 146ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463822818&cv=9&fst=1645463822818&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a312c41f55655316b7f662c2f61be3b32e50c9190770004d15620f78c27c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1146
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 3 KB
1 KB 141ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463822819&cv=9&fst=1645463822819&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d15b15ae8fe77aac0010ac0c6ce2891eea9c8a6badd9d1a29be2a079cd7172b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1146
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 3 KB
1 KB 139ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463500052&cv=9&fst=1645463500052&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d45d27ead8c38956d7f640025d9d47a214d8dd5c8782ba91f2ee5802ad7660e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 143ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463500053&cv=9&fst=1645463500053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

479c6bd59d67a7b56e13ac91c313bca8cba3852d7015becdf0131c1bada4f3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 3 KB
1 KB 144ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645463500054&cv=9&fst=1645463500054&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a592209f7eeb33781bf57dfc696f913a4cae61d0e5af9303ad44ad8b01a3e03c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1145
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.f94ae62479d5b3566b98.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 57 KB
18 KB 66ms
46ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f495b0356a71a36df0640d33686b4e2122c74ea174bc4b593b7c1d469a00515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 140590
cf-polished: origSize=59349
cf-ray: 6e21922b78a8908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Feb 2022 00:35:36 GMT
server: cloudflare
etag: W/"e7d5-17ee634efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 4.add54fa9a4302d9dcee6.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
906 B 66ms
46ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/4.add54fa9a4302d9dcee6.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e444d7b706bfd14ec1c3a5f980a93b0a70af3fa07a2bc94e134987a3b77495d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 140578
cf-polished: origSize=2539
cf-ray: 6e21922b78a9908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 3
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Feb 2022 00:35:36 GMT
server: cloudflare
etag: W/"9eb-17ee634efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.452834941ec50883cf7b.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 64ms
44ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.452834941ec50883cf7b.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c81d373c6ef2701c910ddea7d457687d9773bf3a3163ccff1740a3eaca0f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 103184
cf-polished: origSize=29269
cf-ray: 6e21922b78b0908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 8
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Feb 2022 00:35:36 GMT
server: cloudflare
etag: W/"7255-17ee634efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 cpc-main-logo.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 12 KB
4 KB 558ms
549ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/cpc-main-logo.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "3037-6212ea6e-b876e5c606bf503b;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3734
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 cpc-logo.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 938 B
674 B 558ms
549ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/cpc-logo.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

52044e8d2e2dc085d3cff4cb721560e811200cc7ed7ab45f5ee32467f895df0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "3aa-6212ea6e-f11e140c9a684b4d;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 553
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 search.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 320 B
257 B 558ms
550ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/search.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "140-6212ea6e-abe39e088fc044f1;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 194
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 info-glyph.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 2 KB
667 B 559ms
551ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/info-glyph.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

2c3ef75ec5c7389ab19835091856419a5e6c220a8446ed5145561705912ac971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "614-6212ea6e-4b9d3b13f96fa9d5;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 603
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 No_Tracked_Items.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 6 KB
2 KB 559ms
551ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/No_Tracked_Items.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

9a4cf81db2f47b8e6dc55b9d84dd6485e72517354d7a6bceb7b3102880ea0900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "18c4-6212ea6e-cf93e93ca0fae89a;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1542
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 Plus.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 625 B
415 B 560ms
552ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/Plus.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

eb53bd4dea7062e9a7eb7b5cc56576ac7d773142684850caa93c6f4ae2104a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "271-6212ea6e-82291e8d98445ea4;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 352
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
2 KB 139ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/cpc-main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 14:06:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Feb 2022 15:43:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Feb 2022 15:43:39 GMT

GET
H2 200 Barcodes1.jpg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 425 KB
425 KB 561ms
554ms Image
image/jpeg 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/Barcodes1.jpg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

af0ff38759324a8313d883ff16f681e2f8ca9cb55831212e3a4a7682d1b93f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "6a4b5-6212ea6e-401f2018ddf4a7f0;;;"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 435381
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1645631019356
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1645631019356

369 B
1 KB

34ms
34ms

XHR
application/json

34.240.134.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1645631019356

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

HTTP/1.1

Server

34.240.134.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-240-134-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a010df4e1770a89ac0e537b1a047a962eb31f1d05123ff78f4651d78419753ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-0054810bc.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: qFufSov/S1s=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.returned.tracking-ca612056212qb.online
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v028-051e97d6d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.returned.tracking-ca612056212qb.online
X-TID: zkuyrU9lSSM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0C4E3704533345770A490D44%40AdobeOrg&d_nsid=0&ts=1645631019356
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXb471ab3b98694cd895b87487d7a7c6ec-libraryCode_source.min.js Show response
assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/7fc36888b1ad/ 80 KB
28 KB 33ms
6ms Script
application/x-javascript 2a02:26f0:fb:59e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/0ccf8b9a711f/6e634e5f652e/7fc36888b1ad/EXb471ab3b98694cd895b87487d7a7c6ec-libraryCode_source.min.js
Requested by: Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:59e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 279d83c910b426bd368771e048026e1b7e7481007b7290313f714a729be39c74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 21:33:26 GMT
server: AkamaiNetStorage
etag: "119a99e66a5c749290e4867a6073de03:1645220006.737545"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 28310
expires: Wed, 23 Feb 2022 16:43:39 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 51ms
24ms Script
application/javascript 143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 07:22:23 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 30076
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: c02DmsACoOxgHb77tLxx9AZKoBaCDNgCgIZSrHMYUyQVyXdCUG6ETw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 159ms
66ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22199bae8b8829f81d8838b76a9a97c5817a477e25105aebe4397d198e89856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27612
x-xss-protection: 0
server: sffe
etag: "1140 / 833 of 1000 / last-modified: 1645618101"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Feb 2022 15:43:39 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
108 B 158ms
63ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645377835407&cv=9&fst=1645376400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=-300&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Ftrack-reperage%2Fen&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number%20%2F%20Postes%20Canada%20-%20Rep%C3%A9rer%20un%20colis%20au%20moyen%20du%20num%C3%A9ro%20de%20rep%C3%A9rage&async=1&fmt=3&is_vtc=1&random=3722456601&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
108 B 315ms
220ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645377835412&cv=9&fst=1645376400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=3&u_tz=-300&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.canadapost-postescanada.ca%2Ftrack-reperage%2Fen&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number%20%2F%20Postes%20Canada%20-%20Rep%C3%A9rer%20un%20colis%20au%20moyen%20du%20num%C3%A9ro%20de%20rep%C3%A9rage&async=1&fmt=3&is_vtc=1&random=542094693&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 11.f94ae62479d5b3566b98.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 139ms
139ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/11.f94ae62479d5b3566b98.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 Barcodes2.jpg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 312 KB
312 KB 560ms
554ms Image
image/jpeg 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/Barcodes2.jpg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

123f24a220dcb3811035d4bfcb3395a7feb51fef5da5532242eca3106c99df72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "4df9b-6212ea6e-af6b860082b5d04f;;;"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 319387
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 Barcodes3.jpg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 293 KB
293 KB 560ms
554ms Image
image/jpeg 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/Barcodes3.jpg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

738fd24a72e6008169e004b6a6b5f74d651953d1d90d645a4decdf28012f7ceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:10 GMT
server: LiteSpeed
etag: "4921c-6212ea6e-ee8f4c628c3aa6de;;;"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 299548
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 MobileApp_lg_en.jpg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 81 KB
81 KB 560ms
554ms Image
image/jpeg 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/MobileApp_lg_en.jpg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

12636ae94be1b787eea7db3083274d06b856fd802111786428ba732d4c010aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "14443-6212ea70-99ed48fc230799c1;;;"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 83011
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 apple-store-badge_en.png
www.returned.tracking-ca612056212qb.online/restor/assetss/ 9 KB
9 KB 562ms
556ms Image
image/png 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/apple-store-badge_en.png

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

53ec06fc03e9d183baefe6291fe06331908247eed14a775ee805855662b6f48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "2242-6212ea70-5bb2fd368b5c6ae6;;;"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8770
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 google-play-badge_en.png
www.returned.tracking-ca612056212qb.online/restor/assetss/ 12 KB
12 KB 562ms
556ms Image
image/png 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/google-play-badge_en.png

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

ffc2023778c8007c764ffbd2375de234d76d482879531e1910797b6f96c4e60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "304f-6212ea70-c318bf277a64a0d5;;;"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12367
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H/1.1

200
OK

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9198&time=1645631019430&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9198%26time%3D1645631019430%26url%3Dhttps%253A%252F%252Fwww.returned.tracking-ca6...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9198&time=1645631019430&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9198&time=1645631019430&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&liSync=true&e_ipv6=A...

0
545 B

300ms
105ms

Image
application/javascript

108.174.10.24
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9198&time=1645631019430&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&liSync=true&e_ipv6=AQIjiwSXvQqU9AAAAX8nQJzi464_sxW-WeHNXu0Or8A2Evd8vMuNTEgkQxTMxdKpXcXmEBSV
Requested by: Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
Protocol: HTTP/1.1
Server: 108.174.10.24 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-24.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 23 Feb 2022 15:43:40 GMT
Connection: keep-alive
NEL: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
Server: Play
LinkedIn-Action: 1
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-lva1
X-LI-Proto: http/1.1
X-Li-Pop: prod-lva1-x
Content-Type: application/javascript
content-length: 0
X-LI-UUID: AAXYsVRpRfytuvaCVRqoXg==

Redirect headers

date: Wed, 23 Feb 2022 15:43:39 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8A73EF0F268741A0BACF57C5527F1562 Ref B: FRAEDGE0808 Ref C: 2022-02-23T15:43:40Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=9198&time=1645631019430&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&liSync=true&e_ipv6=AQIjiwSXvQqU9AAAAX8nQJzi464_sxW-WeHNXu0Or8A2Evd8vMuNTEgkQxTMxdKpXcXmEBSV
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXYsVRkqqIAjaDSxEYuPw==

GET
H2 200 id Show response
sslstats.canadapost.ca/ 48 B
527 B 68ms
16ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sslstats.canadapost.ca/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&mid=55657432146818332321981586415102041031&ts=1645631019519

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

ce46d86e064e6b32f26d759b701c4c858c58cdf6c09f75e13c220ddb3f33ef4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-62966
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YhZWKwAAAF48SwQS
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=55636192172885478551983991337108007640
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YhZWKwAAAF48SwQS

42 B
945 B

35ms
33ms

Image
image/gif

34.240.134.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YhZWKwAAAF48SwQS

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

HTTP/1.1

Server

34.240.134.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-240-134-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v028-086712121.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EbhE94jgQcM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YhZWKwAAAF48SwQS
Date: Wed, 23 Feb 2022 15:43:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
canadapost.tt.omtrdc.net/m2/canadapost/mbox/ 96 B
416 B 129ms
43ms XHR
application/json 34.248.44.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://canadapost.tt.omtrdc.net/m2/canadapost/mbox/json?mbox=target-global-mbox&mboxSession=9211a4534fa445d78ceb985f98c085c7&mboxPC=&mboxPage=c7a0640fcc1a4d3f8b238376db9e4999&mboxRid=9fa709172de344db981edc0904e4f5f4&mboxVersion=1.8.3&mboxCount=1&mboxTime=1645631019403&mboxHost=www.returned.tracking-ca612056212qb.online&mboxURL=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&user.status=anonymous&visitNumber=1&user.profileType=anonymous&mboxMCSDID=37966D06DD35A5AE-4095BF1AAECCCE87&vst.trk=sslstats.canadapost.ca&vst.trks=sslstats.canadapost.ca&mboxMCGVID=55657432146818332321981586415102041031&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js.download
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.44.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-44-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6a0f21f7d7ab82d78d5f71b0f00e8176bcfb4dc36a27896062754e20e5aefda8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 96
x-request-id: 9fa709172de344db981edc0904e4f5f4

GET
H2 404 4.add54fa9a4302d9dcee6.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 140ms
140ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/4.add54fa9a4302d9dcee6.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 73ms
69ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1011747518&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f84bb1211171ea4ee915fe46fa04ebcb3c3b602d873da0977d553428a4c6952b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40733
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Feb 2022 15:43:39 GMT

GET
H2 404 1.452834941ec50883cf7b.chunk.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 140ms
140ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/1.452834941ec50883cf7b.chunk.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
108 B 156ms
63ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463500048&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3413297132&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
108 B 151ms
60ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463500048&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3413297132&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
548 B 118ms
62ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463822811&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=2338139657&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
548 B 107ms
59ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463822811&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=2338139657&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 134ms
71ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463822816&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=103018313&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 132ms
70ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463822816&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=103018313&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 124ms
62ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463822817&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=1132894590&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 120ms
60ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463822817&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=1132894590&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 132ms
71ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463822818&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=1578739626&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 131ms
71ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463822818&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=1578739626&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 132ms
71ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463822819&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=855063198&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 117ms
56ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463822819&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=855063198&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 133ms
71ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463500052&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=2172945657&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 124ms
64ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463500052&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=2172945657&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 133ms
72ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463500053&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3172840486&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 130ms
69ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463500053&cv=9&fst=1645462800000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3172840486&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 124ms
62ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645463500054&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=1739457196&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 119ms
59ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645463500054&cv=9&fst=1645462800000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=1739457196&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK search.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/ 320 B
983 B 655ms
583ms Image
image/svg+xml 2a02:26f0:6c00:28f::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/cpc-main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28f::1dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 218
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
x-frame-options: SAMEORIGIN
Date: Wed, 23 Feb 2022 15:43:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
ETag: "5a78a621-140"
Accept-Ranges: bytes
Expires: Tue, 18 May 2021 07:03:01 GMT

GET
H/1.1 200
OK alert.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/ 1007 B
1 KB 481ms
409ms Image
image/svg+xml 2a02:26f0:6c00:28f::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/cpc-main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28f::1dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e62e54914dbabecaaaa6b6ba4b605ec384be240d485555452e7e094a3c5d9b7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 455
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Jan 2018 16:25:10 GMT
x-frame-options: SAMEORIGIN
Date: Wed, 23 Feb 2022 15:43:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
ETag: "5a6b5666-3ef"
Accept-Ranges: bytes
Expires: Wed, 12 May 2021 06:15:58 GMT

GET
H/1.1 200
OK cancel.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/ 817 B
1 KB 220ms
148ms Image
image/svg+xml 2a02:26f0:6c00:28f::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/cpc-main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28f::1dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8608c8e2dcc2a14b5b21503077bf54d62a215a013a4eb7b80b09099d201a445e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 377
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Jan 2018 16:25:10 GMT
x-frame-options: SAMEORIGIN
Date: Wed, 23 Feb 2022 15:43:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
ETag: "5a6b5666-331"
Accept-Ranges: bytes
Expires: Tue, 14 Dec 2021 19:01:48 GMT

GET
H2 404 track-banner-chevron-desktop.svg
www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/ 1 KB
1 KB 549ms
548ms Image
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/track-banner-chevron-desktop.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 white.svg
www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/ 1 KB
1 KB 544ms
544ms Image
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/white.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 track-banner-bg-desktop.svg
www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/ 1 KB
1 KB 549ms
548ms Image
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/track-banner-bg-desktop.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 track-icon-desktop.svg
www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/ 1 KB
1 KB 544ms
543ms Image
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/track-icon-desktop.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 140ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.returned.tracking-ca612056212qb.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 74630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 18:59:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 214ms
126ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.returned.tracking-ca612056212qb.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 70544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 20:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 259ms
171ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.returned.tracking-ca612056212qb.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:22:37 GMT
x-content-type-options: nosniff
age: 15662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 11:22:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 219ms
131ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.returned.tracking-ca612056212qb.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 36621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 05:33:18 GMT

GET
H2 200 close_grey.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 603 B
368 B 1222ms
921ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/close_grey.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

8754aadb1e4a2ae34539fa890aef276dcce219c3a22de8f6fa5c7a89e7edc523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "25b-6212ea70-7953220468eed0ae;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 305
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 live-chat-icon.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 2 KB
877 B 1222ms
922ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/live-chat-icon.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

3653651e11f0a74c5a2e8925e34730a1fb8da827b51daabcd2d6a705f9999463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "7b5-6212ea70-1771f3136e6d7f32;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 813
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 gov-canada-logo.svg
www.returned.tracking-ca612056212qb.online/restor/assetss/ 14 KB
5 KB 1222ms
921ms Image
image/svg+xml 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/gov-canada-logo.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "37b3-6212ea70-bf8deed1bf09bc7b;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4954
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 jquery-ui.min.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 248 KB
248 KB 779ms
478ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/jquery-ui.min.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "3dee5-6212ea70-9f6e49b947d35518;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 253669

GET
H2 200 toggle.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 13 KB
13 KB 942ms
641ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/toggle.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

f7f580369ac30ad1c770458e4c255a0c70e111be7c1b4b9ea6410bb0bbfd8f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "34cc-6212ea70-d360e62ac6db23ac;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 13516

GET
H2 200 function.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 22 KB
22 KB 942ms
641ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/function.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

c382870f87b6bb3afaae4566273f34a23f18ca840cf5aa868726d4d66c1c145e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "5766-6212ea70-4a704e94419f08b0;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 22374

GET
H2 200 responsive-header.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 21 KB
21 KB 942ms
639ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/responsive-header.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

64430f94acefca97eaef4d65042ab77ca35dac0c0c4a57d5c52ffdfd54faacf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "5415-6212ea70-f4a45212eb8353d6;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 21525

GET
H2 200 register.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 4 KB
4 KB 942ms
639ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/register.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

683769299759a5cea73358caec8e4f92c3615139b1b329d20e387f1bceee31b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "1059-6212ea70-c34962100f7a9cad;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 4185

GET
H2 404 cwc.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 943ms
640ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/cwc.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 track.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 6 KB
6 KB 943ms
640ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/track.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

5f03f83bd7e313c27ac8dd16b5ac8a6eafb8c16a6891d79183a2c9f6d826ab1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "1605-6212ea70-9911596b5e5bf5ae;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 5637

GET
H2 200 inline.30d58e1ba80cb9f2e8d9.bundle.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 2 KB
2 KB 943ms
641ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/inline.30d58e1ba80cb9f2e8d9.bundle.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

2eb73aa64541e6cf0032942c80bcdb5012a45adc6e7c6e78b1a19de0444e3b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "699-6212ea70-9f40a695a2efd48b;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 1689

GET
H2 200 polyfills.429da8bc2163952ceb85.bundle.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 241 KB
241 KB 942ms
641ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

4c4f6ee77956f38cab82190bc1838688fd2c84f8ca23037c9647629105676cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "3c307-6212ea70-d8df145a4cced908;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 246535

GET
H2 200 scripts.f3012896740d0cdb2c9b.bundle.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 38 B
96 B 943ms
639ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/scripts.f3012896740d0cdb2c9b.bundle.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

b2cc470ca1f9343ddc3867eeea62bfd919f94df9bc1cf84bb8036542869c1397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "26-6212ea70-eab1979cf12b2163;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 38

GET
H2 200 main.e6489688b59da8dd0409.bundle.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 3 MB
3 MB 943ms
640ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/main.e6489688b59da8dd0409.bundle.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

920938a5ba533d0e766b90ef153b190185bdc349fbcffd1535bb52271d4bb371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "32f0ee-6212ea70-1ca38650cc8d3ce7;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 3338478

GET
H2 200 saved_resource Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 7 KB
7 KB 943ms
640ms Script
text/plain 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

227a5b92f8b3842930cb010753b1acbe0da3833d27220e38c2944f4dd54e3466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
accept-ranges: bytes
etag: "1c52-6212ea70-335cde89ddf46f55;;;"
content-length: 7250
strict-transport-security: max-age=31536000

GET
H2 200 CoreModule.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 101 KB
101 KB 1219ms
915ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/CoreModule.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

b60af31f4402255b9fe3e40e493adfde0b7fdb8a71891151c04c51ca788e79eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:12 GMT
server: LiteSpeed
etag: "192ad-6212ea70-18ed6ee75db23ec8;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 103085

GET
H2 200 UserDefinedHTMLModule.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 7 KB
7 KB 1219ms
916ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/UserDefinedHTMLModule.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

f6f011c0b9379c09b5a2fdda17a16749af0e4b207b9e136bedb891cedb2b8cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "1b42-6212ea72-1ab2fce30a9d0c09;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 6978

GET
H2 200 ScreenCaptureModule.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ 25 KB
25 KB 1219ms
917ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/ScreenCaptureModule.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

9ca27b7ce0a96c6183df98cd355c30e9db59fb4ab7181a3abd9c5687e785622c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "6532-6212ea72-e04b62dcfec32a83;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 25906

GET
H2 200 remove_screen_capture.png
www.returned.tracking-ca612056212qb.online/restor/assetss/ 857 B
919 B 1222ms
919ms Image
image/png 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/remove_screen_capture.png

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "359-6212ea72-ea36ca495a2e1d52;;;"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 857
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 200 building_preview.gif
www.returned.tracking-ca612056212qb.online/restor/assetss/ 12 KB
12 KB 1222ms
920ms Image
image/gif 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/building_preview.gif

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "3030-6212ea72-6dbec44f88bfb64;;;"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12336
expires: Wed, 02 Mar 2022 15:43:40 GMT

GET
H2 404 adsct
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 942ms
640ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/adsct

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 / Show response
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
3 KB 103ms
77ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=file%3A%2F%2F%2FC%3A%2FUsers%2FArduino%2FDesktop%2Fcan%2Ftracking.html&t=1645463500542

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227a5b92f8b3842930cb010753b1acbe0da3833d27220e38c2944f4dd54e3466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 136192
cf-polished: origSize=8435
cf-ray: 6e2192334f46908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 26
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-tefiRi1cMbCF7PLp5pyKGWtAYyU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 101 KB
32 KB 43ms
42ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60af31f4402255b9fe3e40e493adfde0b7fdb8a71891151c04c51ca788e79eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 140592
cf-polished: origSize=103870
cf-ray: 6e2192327de5908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Feb 2022 00:35:36 GMT
server: cloudflare
etag: W/"195be-17ee634efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 / Show response
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
3 KB 66ms
40ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227a5b92f8b3842930cb010753b1acbe0da3833d27220e38c2944f4dd54e3466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 136192
cf-polished: origSize=8435
cf-ray: 6e2192334f48908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 26
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-tefiRi1cMbCF7PLp5pyKGWtAYyU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK dest5.html Show response
canadapost.demdex.net/ Frame C779 7 KB
3 KB 146ms
35ms Document
text/html 52.31.233.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://canadapost.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.233.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-233-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 23 Feb 2022 15:43:40 GMT
DCS: dcs-prod-irl1-1-v028-011c1d713.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 14 Feb 2022 15:44:39 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: +EiDSHKXRdk=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1 200
OK feedback.svg
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/ 724 B
1 KB 306ms
286ms Image
image/svg+xml 2a02:26f0:6c00:28f::1dc5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/cpc-main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28f::1dc5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self'
Content-Encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 382
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
x-frame-options: SAMEORIGIN
Date: Wed, 23 Feb 2022 15:43:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload, max-age=31536000; includeSubdomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=86400, private
ETag: "5a78a638-2d4"
Accept-Ranges: bytes
Expires: Mon, 11 Oct 2021 18:31:03 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035946&ns__t=1645631019933&ns_c=UTF-8&cv=3.5&c8=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&c7=https%3A%2F%2Fwww.returned.tracking-c...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035946&ns__t=1645631019933&ns_c=UTF-8&cv=3.5&c8=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&c7=https%3A%2F%2Fwww.returned.tracking-...

0
225 B

27ms
27ms

Image
text/plain

143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035946&ns__t=1645631019933&ns_c=UTF-8&cv=3.5&c8=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&c7=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&c9=
Requested by: Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
Protocol: H2
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: JwaTJbQxUeweiBIunQx35nCoSLhETXwgCuD3vsAQKpm3qE3lumUKYQ==
x-cache: Miss from cloudfront

Redirect headers

date: Wed, 23 Feb 2022 15:43:39 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035946&ns__t=1645631019933&ns_c=UTF-8&cv=3.5&c8=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&c7=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&c9=
content-length: 283
x-amz-cf-id: G5rP17qzj3gltTmH4wxMFxzm8vVtB7siiFzJuXXVe1JPjbZBLm-2Ag==

GET
H2 200 s33604987480985
sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LBWB/ 43 B
221 B 30ms
30ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sslstats.canadapost.ca/b/ss/canadapostcapool/1/JS-2.5.0-LBWB/s33604987480985?AQB=1&ndh=1&pf=1&t=23%2F1%2F2022%2015%3A43%3A39%203%200&sdid=37966D06DD35A5AE-4095BF1AAECCCE87&mid=55657432146818332321981586415102041031&aamlh=6&ce=UTF-8&ns=canadapost&cdp=3&fpCookieDomainPeriods=3&g=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&c.&getVisitNum=4.2&endOfDatePeriod=1.2&.c&cc=CAD&server=www.returned.tracking-ca612056212qb.online&events=event96%3D19&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c3=D%3DpageName&v3=D%3DpageName&c8=www.returned.tracking-ca612056212qb.online&c9=D%3DpageName&v9=D%3DpageName&c10=D%3DpageName&v10=D%3DpageName&c11=D%3DpageName&v11=D%3DpageName&c13=D%3DpageName&v13=D%3DpageName&c14=common&v14=common&c15=en&v15=en&c16=standard&v16=standard&c17=anonymous&v17=anonymous&c24=www.returned.tracking-ca612056212qb.online&v24=www.returned.tracking-ca612056212qb.online&c34=10%3A30&v34=10%3A30&c35=Wednesday&v35=Wednesday&c36=weekday&v36=weekday&v37=First%20Visit&c39=New&v39=New&c56=None&v56=D%3Dc56&v69=D%3DUser-Agent&c70=D%3Dv70&v70=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&c72=19&v85=Wednesday%202022-2-23&v94=55657432146818332321981586415102041031&v122=anonymous&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=0C4E3704533345770A490D44%40AdobeOrg&AQE=1

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:39 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Feb 2022 15:43:39 GMT
server: jag
xserver: anedge-cdfbd77b-rgqpw
etag: 3533965706031431680-4619906190416099841
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 22 Feb 2022 15:43:39 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 135ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020048&cv=9&fst=1645631020048&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4682fab8e097c87b1f7805726c662f67b5b3514f4ba9345ac0398ea36935d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1094
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 3 KB
1 KB 133ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020050&cv=9&fst=1645631020050&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aef7b3b7839a63c74be3defee1e751b8ac85a2e273a2b7bfec60acdae94fdcf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1151
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 226ms
155ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020052&cv=9&fst=1645631020052&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09d38e6df31e02a66917ed98824da42e0de0770f313880b0a879cdf648a09f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 133ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020053&cv=9&fst=1645631020053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeb6f90d34a12eca52b5bc903c56bb033fb6cb99c255931464b3bdf2212c7356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1094
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 3 KB
1 KB 135ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020054&cv=9&fst=1645631020054&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acf8f5ac80909314187583188ea33f8192fcf18db6b20e7b2944472198ac4bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1151
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 2 KB
1 KB 122ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020056&cv=9&fst=1645631020056&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aadb712af0292ec48ffed43c37ced41411575f58842de6f9b1587adf6339a6c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/ 3 KB
1 KB 119ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020057&cv=9&fst=1645631020057&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e44cc187e08b9307011a0f394146c19e3fcb052a15c3494443943578650a97a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1011747518/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011747518/?random=1645631020052&cv=9&fst=1645631020052&num=1&fmt=3&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQ...
https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020052&cv=9&fst=1645628400000&num=1&fmt=3&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u...
https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020052&cv=9&fst=1645628400000&num=1&fmt=3&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_...

42 B
64 B

60ms
59ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020052&cv=9&fst=1645628400000&num=1&fmt=3&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&is_vtc=1&random=3364624597&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020052&cv=9&fst=1645628400000&num=1&fmt=3&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&is_vtc=1&random=3364624597&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022021701.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
122 KB 97ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 14:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4930
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124510
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 09:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Feb 2023 14:21:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
102 B 104ms
48ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.returned.tracking-ca612056212qb.online

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6d152c946298385ccf2e47f3f068705ea8fccb9f9f8aee4aba6ec2230bca39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Feb 2022 15:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77
x-xss-protection: 0
expires: Wed, 23 Feb 2022 15:43:40 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020057&cv=9&fst=1645628400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3578328744&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020057&cv=9&fst=1645628400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3578328744&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 72ms
70ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020056&cv=9&fst=1645628400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3857977365&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 54ms
52ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020056&cv=9&fst=1645628400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3857977365&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 60ms
59ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020048&cv=9&fst=1645628400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3166775557&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 57ms
55ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020048&cv=9&fst=1645628400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3166775557&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 57ms
56ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020050&cv=9&fst=1645628400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3770056174&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020050&cv=9&fst=1645628400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=3770056174&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020053&cv=9&fst=1645628400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=4107535686&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020053&cv=9&fst=1645628400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=4107535686&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020054&cv=9&fst=1645628400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=962144553&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020054&cv=9&fst=1645628400000&num=1&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dcustom%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=962144553&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011747518/ 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011747518/?random=1645631020052&cv=9&fst=1645628400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=952712193&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011747518/ 42 B
64 B 60ms
59ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011747518/?random=1645631020052&cv=9&fst=1645628400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&tiba=Canada%20Post%20-%20Track%20a%20package%20by%20tracking%20number&async=1&fmt=3&is_vtc=1&random=952712193&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dest5.html Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame 092D 7 KB
3 KB 670ms
368ms Document
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/dest5.html

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

ca0874863457f57388d19b6c3c3e999e1c1472a89a8fb29b34a7ba2c4fe9f5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Response headers

content-type: text/html
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
etag: "1bc4-6212ea72-21d1233a99e839f9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2605
date: Wed, 23 Feb 2022 15:43:41 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000

GET
H2 404 cwc.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 671ms
369ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/cwc.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:41 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 404 locales.json Show response
www.returned.tracking-ca612056212qb.online/restor/assets/i18n/ 1 KB
1 KB 140ms
139ms XHR
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assets/i18n/locales.json

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Pragma: no-cache
Cache-Control: no-cache
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:42 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 saved_resource.html Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 53 KB
19 KB 140ms
140ms Document
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

20ddb9d1ccea44f0c383ded5fa1c0743ade76898a54e46f57bd757a90f4a79ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Response headers

content-type: text/html
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
etag: "d3b3-6212ea72-ca807b86e08f91f8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19640
date: Wed, 23 Feb 2022 15:43:42 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 16 KB
3 KB 69ms
68ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85538c4b32bf157a445df513bf7db467eb55efd76ef24a648f813dd655935773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 10
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 6b9a2edc101bfc21
cf-ray: 6e219242accd908e-FRA

GET
H2 404 adsct
www.returned.tracking-ca612056212qb.online/restor/assetss/ 0
0 148ms
148ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/adsct

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:42 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 16 KB
2 KB 109ms
108ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85538c4b32bf157a445df513bf7db467eb55efd76ef24a648f813dd655935773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 13
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 4c41d5165bda498b
cf-ray: 6e219243aea0908e-FRA

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame A880 0
434 B 92ms
24ms Document
text/html 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Feb 2022 15:43:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 2FBD 0
53 B 101ms
35ms Document
text/html 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Feb 2022 15:43:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame D724 0
44 B 100ms
35ms Document
text/html 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Feb 2022 15:43:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame EE05 0
53 B 99ms
36ms Document
text/html 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Feb 2022 15:43:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 79AE 0
53 B 99ms
37ms Document
text/html 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Feb 2022 15:43:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame C45F 0
53 B 96ms
34ms Document
text/html 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Feb 2022 15:43:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 16E0 0
53 B 94ms
34ms Document
text/html 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Feb 2022 15:43:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 36EF 0
44 B 96ms
36ms Document
text/html 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 23 Feb 2022 15:43:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 16 KB
2 KB 106ms
106ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85538c4b32bf157a445df513bf7db467eb55efd76ef24a648f813dd655935773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 7d1e4344543068d0
cf-ray: 6e219243bed2908e-FRA

GET
H2 404 db.0de5ebd22e5fb37bd752.js.download
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 0
0 140ms
139ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/db.0de5ebd22e5fb37bd752.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:42 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 mc.62704e92e4244f6ba4a3.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 38 KB
38 KB 140ms
139ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/mc.62704e92e4244f6ba4a3.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

5d375d6faa4bc90694173cca2301d3c74ecdd4b75e66e8f926ee243d096913be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "9945-6212ea72-cd7a0a56cef04d1f;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 39237

GET
H2 200 meta.ef1a589412bdf82442a2.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 2 KB
2 KB 144ms
143ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/meta.ef1a589412bdf82442a2.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

3f4b388ae92975e16d2c5b5e8107c75466915ccc8dd532f0cc8aa53fbabb2172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "993-6212ea72-4879f98296d8e8a4;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 2451

GET
H2 200 jsApi.f90ab520a01ef0455322.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 14 KB
14 KB 144ms
143ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/jsApi.f90ab520a01ef0455322.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

5048c6be9fbe930eb06e264147aed24b826724bccafd81278dcf0add561a343c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "36f2-6212ea72-e88b6178e4e5fa3a;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 14066

GET
H2 200 mp.c0e4f496922e36a569e3.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 5 KB
5 KB 144ms
143ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/mp.c0e4f496922e36a569e3.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

04dae6889f8351ed5ffd2feccacb0aa6b1a2c0c6dc8c57d39a3ff54068eb142d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "13af-6212ea72-1e2360075cf16fc7;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 5039

GET
H2 200 prototype.ad3ea2baf13adce7a7f0.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 91 KB
91 KB 144ms
144ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/prototype.ad3ea2baf13adce7a7f0.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

a1aabc083ff05ff4cd83489fbfd165714717a29b2c83a4b19b52f791064847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "16b16-6212ea72-5ff80c18b6d559b6;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 92950

GET
H2 200 vendor.04949745891b21438af7.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 261 KB
261 KB 143ms
142ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/vendor.04949745891b21438af7.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

2a7e270e3045a1f2a56a806431eecd13438a5fb40b0ff3c6a52544197383a5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
Origin: https://www.returned.tracking-ca612056212qb.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "412d3-6212ea72-429c701c53f612ed;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 266963

GET
H2 200 jfe.4651e3cc8598c44f58dd.js.download Show response
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 254 KB
255 KB 143ms
143ms Script
application/octet-stream 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/jfe.4651e3cc8598c44f58dd.js.download

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

02a961f5a95c2888dc48405d9e71405f864c5db6cd6fbc3594bca92d00854b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
Origin: https://www.returned.tracking-ca612056212qb.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "3f964-6212ea72-9ea4b4279ccff58f;;;"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 260452

GET
H2 200 stylesheet.css
www.returned.tracking-ca612056212qb.online/restor/assetss/ Frame E1F7 145 KB
23 KB 141ms
140ms Stylesheet
text/css 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/restor/assetss/stylesheet.css

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

9dba6fa92f9dd9c47188a8f3d6122d534cff769729e99da3804563eebff098b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
content-encoding: br
last-modified: Mon, 21 Feb 2022 01:27:14 GMT
server: LiteSpeed
etag: "243b5-6212ea72-ec1d27cc2064fc98;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 23816
expires: Wed, 02 Mar 2022 15:43:42 GMT

GET
H2 200 UserDefinedHTMLModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 7 KB
2 KB 53ms
53ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/UserDefinedHTMLModule.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f011c0b9379c09b5a2fdda17a16749af0e4b207b9e136bedb891cedb2b8cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 507757
cf-polished: origSize=7763
cf-ray: 6e219244b87e908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Feb 2022 00:35:36 GMT
server: cloudflare
etag: W/"1e53-17ee634efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
1 KB 515ms
495ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_8JvATaFmNHboNxj&Version=61&Q_ORIGIN=https://www.returned.tracking-ca612056212qb.online&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995d5a3e0e3e217d8c2ee892dce1043f4560b3ed5f059410bedd880361ad342a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 15
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 15:43:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Sat, 21 Feb 2032 15:43:43 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e219244dc57904e-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
1 KB 507ms
488ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_dha0LmWh6FlJbI9&Version=20&Q_InterceptID=SI_8JvATaFmNHboNxj&Q_ORIGIN=https://www.returned.tracking-ca612056212qb.online&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a0dd3d9456d74cda04e3d67a859ee919dd8fd99cd88ac160d969aebfd424f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 18
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 15:43:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e219244dc5f904e-FRA
servershortname
expires: Sat, 21 Feb 2032 15:43:43 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
1 KB 475ms
475ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995d5a3e0e3e217d8c2ee892dce1043f4560b3ed5f059410bedd880361ad342a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 15
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 15:43:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e219244ec9d904e-FRA
servershortname
expires: Sat, 21 Feb 2032 15:43:43 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
704 B 729ms
729ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a0dd3d9456d74cda04e3d67a859ee919dd8fd99cd88ac160d969aebfd424f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 18
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 15:43:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Sat, 21 Feb 2032 15:43:43 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e219244eca4904e-FRA
servershortname

GET
H2 200 / Show response
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
3 KB 50ms
49ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008&t=1645631023033

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227a5b92f8b3842930cb010753b1acbe0da3833d27220e38c2944f4dd54e3466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 136195
cf-polished: origSize=8435
cf-ray: 6e219245faa0908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 26
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-tefiRi1cMbCF7PLp5pyKGWtAYyU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 404 db.0de5ebd22e5fb37bd752.js
www.returned.tracking-ca612056212qb.online/jfe/static/dist/c/ Frame E1F7 0
0 139ms
139ms Script
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/jfe/static/dist/c/db.0de5ebd22e5fb37bd752.js

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 16 KB
2 KB 65ms
65ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85538c4b32bf157a445df513bf7db467eb55efd76ef24a648f813dd655935773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 10
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: c1e7d049b30d226d
cf-ray: 6e2192465b74908e-FRA

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
1 KB 178ms
178ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

995d5a3e0e3e217d8c2ee892dce1043f4560b3ed5f059410bedd880361ad342a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 15
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 15:43:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Sat, 21 Feb 2032 15:43:43 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e219246daa9904e-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
704 B 258ms
258ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6a0dd3d9456d74cda04e3d67a859ee919dd8fd99cd88ac160d969aebfd424f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 18
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 15:43:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Sat, 21 Feb 2032 15:43:43 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e219246daad904e-FRA
servershortname

POST
H2 404 resume Show response
www.returned.tracking-ca612056212qb.online/jfe4/restor/assetss/saved_resource.html/ Frame E1F7 1 KB
1 KB 140ms
139ms XHR
text/html 198.20.70.139
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.returned.tracking-ca612056212qb.online/jfe4/restor/assetss/saved_resource.html/resume?rand=171853328&tid=1&t=1645631023189&

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/jfe.4651e3cc8598c44f58dd.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.20.70.139 , United States, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

phx26.stablehost.com

Software

LiteSpeed /

Resource Hash

79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.returned.tracking-ca612056212qb.online/restor/assetss/saved_resource.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
XSRFToken: i5VPlrkm8f_qgCzU4reDuw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 23 Feb 2022 15:43:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
strict-transport-security: max-age=31536000
content-type: text/html

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
236 B 164ms
164ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_dha0LmWh6FlJbI9&Q_SIID=SI_8JvATaFmNHboNxj&Q_ASID=AS_77882102&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&r=1645631023361

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 34a18c0e0ec52143
cf-ray: 6e2192480dc4904e-FRA

POST
H2 200 SV_71iOFlig0vNugpn Show response
evaluation.canadapost-postescanada.ca/jfe/form/ Frame 7042 41 KB
20 KB 128ms
64ms Document
text/html 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cb516c01f0f3f70af3ff7c03be4a172e6ede1a7c3375b737d846128304c83538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.returned.tracking-ca612056212qb.online
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/

Response headers

content-type: text/html; charset=utf-8
server: nginx
x-host-id: 70726f642e73706f6b652e6a6665382d3137322e31372e302e32
x-request-id: e3217af3-4025-430d-b12a-2c76ac5f2d8a
x-transaction-id: 9cd132a5-95ee-49e2-91f0-503557ab8b01
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-ua-compatible: IE=edge
content-encoding: gzip
content-length: 19863
date: Wed, 23 Feb 2022 15:43:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 vendor.04949745891b21438af7.js Show response
evaluation.canadapost-postescanada.ca/jfe/static/dist/ Frame 7042 261 KB
82 KB 10ms
10ms Script
application/javascript 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/static/dist/vendor.04949745891b21438af7.js

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2a7e270e3045a1f2a56a806431eecd13438a5fb40b0ff3c6a52544197383a5c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
Origin: https://evaluation.canadapost-postescanada.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 2303, 2303
date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: gzip
server: nginx
x-edgeconnect-midmile-rtt: 0, 0
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30412951
x-host-id: 70726f642e73706f6b652e6a6665382d3137322e31372e302e32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 83126

GET
H2 200 jfe.4651e3cc8598c44f58dd.js Show response
evaluation.canadapost-postescanada.ca/jfe/static/dist/ Frame 7042 254 KB
65 KB 20ms
19ms Script
application/javascript 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/static/dist/jfe.4651e3cc8598c44f58dd.js

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

02a961f5a95c2888dc48405d9e71405f864c5db6cd6fbc3594bca92d00854b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
Origin: https://evaluation.canadapost-postescanada.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 2364
date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: gzip
server: nginx
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=30412972
x-host-id: 70726f642e73706f6b652e6a6665382d3137322e31372e302e32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 66615

GET
H2 200 stylesheet.css
evaluation.canadapost-postescanada.ca/jfe/themes/skins/canadapostdigital/canadapostdigital/version-1607539201681-196304/ Frame 7042 145 KB
146 KB 19ms
19ms Stylesheet
text/css 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/themes/skins/canadapostdigital/canadapostdigital/version-1607539201681-196304/stylesheet.css

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

9dba6fa92f9dd9c47188a8f3d6122d534cff769729e99da3804563eebff098b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: 1fvlBj.cNsBrC5I7qgVoWcHvcA7Urj8D
last-modified: Wed, 09 Dec 2020 18:40:22 GMT
server: AmazonS3
x-amz-request-id: T2WC9384HDRGTYYB
etag: "8ee6079ddd90cb181a8342211d5d5d30"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: public, max-age=718699
date: Wed, 23 Feb 2022 15:43:43 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 148405
x-amz-id-2: 6eZEHdXs2sH2JN5ouv9mLysBO9jAiliFpz0SQD4nNwki+a9peVucYy5KqRZwIfBl7OwOtL2apfY=

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 40 B
116 B 171ms
171ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Click=1&Q_CID=CR_dha0LmWh6FlJbI9&Q_SIID=SI_8JvATaFmNHboNxj&Q_ASID=AS_77882102&Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&r=1645631023581

Requested by

Host: www.returned.tracking-ca612056212qb.online
URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/polyfills.429da8bc2163952ceb85.bundle.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c276be2725d2e7365a557f7dc562d6106d0d1d0e2dd2952f690280209fb2e736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.returned.tracking-ca612056212qb.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.returned.tracking-ca612056212qb.online
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 01ab4a841b4cdd18
cf-ray: 6e21924969a6904e-FRA

GET
H2 200 db.0de5ebd22e5fb37bd752.js Show response
evaluation.canadapost-postescanada.ca/jfe/static/dist/c/ Frame 7042 3 KB
948 B 10ms
10ms Script
application/javascript 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/static/dist/c/db.0de5ebd22e5fb37bd752.js

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ff2a73d20f7a1e4654944821e3e0b459322b7f5b6a48af8e46ff4ffc4ebdfec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: gzip
server: nginx
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28434427
x-host-id: 70726f642e73706f6b652e6a6665382d3137322e31372e302e32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 712

GET
H2 200 mc.62704e92e4244f6ba4a3.js Show response
evaluation.canadapost-postescanada.ca/jfe/static/dist/c/ Frame 7042 38 KB
6 KB 13ms
13ms Script
application/javascript 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/static/dist/c/mc.62704e92e4244f6ba4a3.js

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5d375d6faa4bc90694173cca2301d3c74ecdd4b75e66e8f926ee243d096913be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 1540
date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: gzip
server: nginx
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-cache-status: 3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28434212
x-host-id: 70726f642e73706f6b652e6a6665382d3137322e31372e302e32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 5713

GET
H2 200 meta.ef1a589412bdf82442a2.js Show response
evaluation.canadapost-postescanada.ca/jfe/static/dist/c/ Frame 7042 2 KB
1 KB 17ms
17ms Script
application/javascript 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/static/dist/c/meta.ef1a589412bdf82442a2.js

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3f4b388ae92975e16d2c5b5e8107c75466915ccc8dd532f0cc8aa53fbabb2172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 1549
date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: gzip
server: nginx
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-cache-status: 3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28442748
x-host-id: 70726f642e73706f6b652e6a6665382d3137322e31372e302e32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 955

GET
H2 200 jsApi.f90ab520a01ef0455322.js Show response
evaluation.canadapost-postescanada.ca/jfe/static/dist/c/ Frame 7042 14 KB
4 KB 10ms
10ms Script
application/javascript 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/static/dist/c/jsApi.f90ab520a01ef0455322.js

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5048c6be9fbe930eb06e264147aed24b826724bccafd81278dcf0add561a343c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 1688
date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: gzip
server: nginx
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28434225
x-host-id: 70726f642e73706f6b652e6a6665322d3137322e31372e302e32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3838

GET
H2 200 prototype.ad3ea2baf13adce7a7f0.js Show response
evaluation.canadapost-postescanada.ca/jfe/static/dist/c/ Frame 7042 91 KB
28 KB 10ms
9ms Script
application/javascript 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/static/dist/c/prototype.ad3ea2baf13adce7a7f0.js

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a1aabc083ff05ff4cd83489fbfd165714717a29b2c83a4b19b52f791064847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 1477
date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: gzip
server: nginx
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28434309
x-host-id: 70726f642e73706f6b652e6a6665322d3137322e31372e302e32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 28661

GET
H2 200 mp.c0e4f496922e36a569e3.js Show response
evaluation.canadapost-postescanada.ca/jfe/static/dist/c/ Frame 7042 5 KB
2 KB 10ms
9ms Script
application/javascript 104.111.224.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://evaluation.canadapost-postescanada.ca/jfe/static/dist/c/mp.c0e4f496922e36a569e3.js

Requested by

Host: evaluation.canadapost-postescanada.ca
URL: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.224.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-224-53.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

04dae6889f8351ed5ffd2feccacb0aa6b1a2c0c6dc8c57d39a3ff54068eb142d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://evaluation.canadapost-postescanada.ca/jfe/form/SV_71iOFlig0vNugpn?Q_CHL=si&Q_CanScreenCapture=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 1871
date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: gzip
server: nginx
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-cache-status: 3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=28434117
x-host-id: 70726f642e73706f6b652e6a6665322d3137322e31372e302e32
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1654

GET
H2 200 ScreenCaptureModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 25 KB
7 KB 41ms
41ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/ScreenCaptureModule.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.f94ae62479d5b3566b98.chunk.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca27b7ce0a96c6183df98cd355c30e9db59fb4ab7181a3abd9c5687e785622c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 136735
cf-polished: origSize=26691
cf-ray: 6e21924a19f1908e-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 4
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Feb 2022 00:35:36 GMT
server: cloudflare
etag: W/"6843-17ee634efc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 building_preview.gif
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 12 KB
12 KB 54ms
54ms Image
image/gif 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/building_preview.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2533737
cf-polished: origSize=16980
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time: 7
cf-bgj: imgq:85,h2pri
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 17:59:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=315360000, public
trace-id: 6424899091a2dc38
cf-ray: 6e21924a19f5908e-FRA
servershortname
expires: Fri, 23 Jan 2032 07:54:46 GMT

GET
H2 200 remove_screen_capture.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 857 B
1 KB 39ms
39ms Image
image/png 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/remove_screen_capture.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2533741
cf-polished: origSize=1110
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time: 10
cf-bgj: imgq:85,h2pri
vary: Accept-Encoding
content-length: 857
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 17:59:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=315360000, public
trace-id: 7849b58f0c4cad6e
cf-ray: 6e21924a19fd908e-FRA
servershortname
expires: Fri, 23 Jan 2032 07:54:42 GMT

GET
H2 200 remove_screen_capture.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 857 B
928 B 29ms
29ms Image
image/png 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/remove_screen_capture.png

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.66.1&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.returned.tracking-ca612056212qb.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 15:43:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2533741
cf-polished: origSize=1110
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time: 10
cf-bgj: imgq:85,h2pri
vary: Accept-Encoding
content-length: 857
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 17:59:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=315360000, public
trace-id: 7849b58f0c4cad6e
cf-ray: 6e21924a5a79908e-FRA
servershortname
expires: Fri, 23 Jan 2032 07:54:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Domain: b.scorecardresearch.com
URL: http://b.scorecardresearch.com/beacon.js

Domain: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Domain: b.scorecardresearch.com
URL: http://b.scorecardresearch.com/beacon.js

Domain: assetss.adobedtm.com
URL: https://assetss.adobedtm.com/0ccf8b9a711f/6e634e5f652e/7fc36888b1ad/EXb471ab3b98694cd895b87487d7a7c6ec-libraryCode_source.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Canada Post (Transportation)

197 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tracking-ca612056212qb.online/	1969-12-31 23:59:59	Name: at_check Value: true
.returned.tracking-ca612056212qb.online/	1970-01-20 01:17:45	Name: s_vnc7 Value: 1646235819400%26vn%3D1
.returned.tracking-ca612056212qb.online/	1970-01-20 01:07:12	Name: s_ivc Value: true
.demdex.net/	1970-01-20 05:26:23	Name: demdex Value: 55636192172885478551983991337108007640
.returned.tracking-ca612056212qb.online/	1969-12-31 23:59:59	Name: AMCVS_0C4E3704533345770A490D44%40AdobeOrg Value: 1
.tracking-ca612056212qb.online/	1970-01-20 03:16:47	Name: _gcl_au Value: 1.1.1331052496.1645631020
.tracking-ca612056212qb.online/	1970-01-20 18:41:15	Name: mbox Value: session#9211a4534fa445d78ceb985f98c085c7#1645632880\|PC#9211a4534fa445d78ceb985f98c085c7.37_0#1708875820
.tracking-ca612056212qb.online/	1970-01-20 01:07:12	Name: s_gpv_url Value: https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008
.scorecardresearch.com/	1970-01-20 18:23:59	Name: UID Value: 1148e14138daf3dab75dac81645631019
.tracking-ca612056212qb.online/	1970-01-20 01:07:12	Name: gpv_v4 Value: no%20value
.tracking-ca612056212qb.online/	1970-01-20 01:07:12	Name: s_lv_s Value: First%20Visit
.tracking-ca612056212qb.online/	1970-01-20 01:50:23	Name: s_nr Value: 1645631019980-New
.tracking-ca612056212qb.online/	1970-01-21 01:05:44	Name: s_lv Value: 1645631019981
.tracking-ca612056212qb.online/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 09:52:47	Name: everest_g_v2 Value: g_surferid~YhZWKwAAAF48SwQS
.linkedin.com/	1970-01-20 01:50:23	Name: UserMatchHistory Value: AQIIdhWxsklCqwAAAX8nQJupJA3dk-Acc6asYgO7swsHaaXZug26Z7CUsGLXXONrxzsjA8NNHVieUA
.linkedin.com/	1970-01-20 01:50:23	Name: AnalyticsSyncHistory Value: AQKydsy3q9N1XQAAAX8nQJupfCnHNAl6UtOnE8a2PJZtXmifmVQ_iVBKMCI9F5jv2Y3_VfHVC8O5aaH3PX5Dbg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:39:04	Name: bcookie Value: "v=2&550e381d-c028-4538-8965-6e2fddf014f6"
.linkedin.com/	1970-01-20 01:08:37	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2225:u=1:x=1:i=1645631019:t=1645717419:v=2:sig=AQEy_B58SieDz9kVG3fx7qw4QGWRBPxD"
.dpm.demdex.net/	1970-01-20 05:26:23	Name: dpm Value: 55636192172885478551983991337108007640
.returned.tracking-ca612056212qb.online/	1970-01-20 18:38:23	Name: AMCV_0C4E3704533345770A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19047%7CMCMID%7C55657432146818332321981586415102041031%7CMCAAMLH-1646235819%7C6%7CMCAAMB-1646235819%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1645638219s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19054%7CvVersion%7C5.2.0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:39:04	Name: bscookie Value: "v=1&20220223154340df7d1963-a7d9-4509-8766-7f7f9b9c6618AQFyFgTq-1ah7-Z0SucoW3hsl-VeE-aR"
.linkedin.com/	1970-01-20 18:21:37	Name: li_gc Value: MTswOzE2NDU2MzEwMjA7MjswMjFjP+YpfFpAtTZYct5rlA3EHzyU8Jb6gLUPcwx1g3TIsg==
.doubleclick.net/	1970-01-20 10:28:47	Name: IDE Value: AHWqTUks1m0_sPv-bH8gK5wrifwBHbWnf_Oy_8GCRiqf0TsXwniRUs84zoWoodma
www.returned.tracking-ca612056212qb.online/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%3Fid%3D69363191008~1645631022579
.www.returned.tracking-ca612056212qb.online/	1970-01-20 09:52:47	Name: LANG Value: e
.tracking-ca612056212qb.online/	1970-01-20 09:52:47	Name: LANG Value: e
.tracking-ca612056212qb.online/	1969-12-31 23:59:59	Name: s_ppvl Value: https%253A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%253Fid%253D69363191008%2C80%2C80%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL
.tracking-ca612056212qb.online/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Fwww.returned.tracking-ca612056212qb.online%2Frestor%2Findex.php%253Fid%253D69363191008%2C69%2C69%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008 Message: Mixed Content: The page at 'https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008' was loaded over HTTPS, but requested an insecure script 'http://www.googletagservices.com/tag/js/gpt.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008 Message: Mixed Content: The page at 'https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008' was loaded over HTTPS, but requested an insecure script 'http://b.scorecardresearch.com/beacon.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008 Message: Mixed Content: The page at 'https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008' was loaded over HTTPS, but requested an insecure script 'http://www.googletagservices.com/tag/js/gpt.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008 Message: Mixed Content: The page at 'https://www.returned.tracking-ca612056212qb.online/restor/index.php?id=69363191008' was loaded over HTTPS, but requested an insecure script 'http://b.scorecardresearch.com/beacon.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/11.f94ae62479d5b3566b98.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/4.add54fa9a4302d9dcee6.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/1.452834941ec50883cf7b.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/11.f94ae62479d5b3566b98.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/4.add54fa9a4302d9dcee6.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/1.452834941ec50883cf7b.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://assetss.adobedtm.com/0ccf8b9a711f/6e634e5f652e/7fc36888b1ad/EXb471ab3b98694cd895b87487d7a7c6ec-libraryCode_source.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/614267586032718 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/fbevents.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/beacon.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/0.daa8dafbeac9b9d6931c.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/3.34cfdbb2a8d9baa72272.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/5.bf3a9a81d85929e6b940.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/1.981c59ed3d5af1c8cf92.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/2.833008e4dd9d1e198616.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/4.68343833f84c30f7c18e.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/6.98e7fbef002f8f6dbc7f.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/7.1c47863d901fc559ca9e.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/8.c0b379cf51ab59cc778e.chunk.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/track-icon-desktop.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/white.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/track-banner-chevron-desktop.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/track-reperage/assetss/images/track2.0/common/track-banner-bg-desktop.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/cwc.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/adsct Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/cwc.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assets/i18n/locales.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/adsct Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/restor/assetss/db.0de5ebd22e5fb37bd752.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/jfe/static/dist/c/db.0de5ebd22e5fb37bd752.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.returned.tracking-ca612056212qb.online/jfe4/restor/assetss/saved_resource.html/resume?rand=171853328&tid=1&t=1645631023189& Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
assetss.adobedtm.com
b.scorecardresearch.com
bid.g.doubleclick.net
canadapost.demdex.net
canadapost.tt.omtrdc.net
cm.everesttech.net
dpm.demdex.net
evaluation.canadapost-postescanada.ca
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
snap.licdn.com
sslstats.canadapost.ca
www.canadapost-postescanada.ca
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.returned.tracking-ca612056212qb.online
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com
assetss.adobedtm.com
b.scorecardresearch.com
www.googletagservices.com
104.111.224.53
104.17.209.240
108.174.10.24
142.250.181.226
142.250.185.98
143.204.98.86
15.188.95.229
198.20.70.139
2620:1ec:21::14
2620:1ec:22::14
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2003
2a02:26f0:6c00:28f::1dc5
2a02:26f0:6c00::210:ba0a
2a02:26f0:fb:59e::1e80
34.240.134.29
34.248.44.115
52.31.233.74
52.50.54.3
74.125.133.155
0055b9d0429e9c194b4aa6b5f49cbc2ec31a7220ee7c8c186a9ee951feabd482
02a961f5a95c2888dc48405d9e71405f864c5db6cd6fbc3594bca92d00854b53
04dae6889f8351ed5ffd2feccacb0aa6b1a2c0c6dc8c57d39a3ff54068eb142d
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
09d38e6df31e02a66917ed98824da42e0de0770f313880b0a879cdf648a09f94
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
123bf26ccf7cad4cb9c950a263fe5a94a7a82efd355d185c6c9e4843044efb5b
123f24a220dcb3811035d4bfcb3395a7feb51fef5da5532242eca3106c99df72
12636ae94be1b787eea7db3083274d06b856fd802111786428ba732d4c010aeb
20ddb9d1ccea44f0c383ded5fa1c0743ade76898a54e46f57bd757a90f4a79ff
227a5b92f8b3842930cb010753b1acbe0da3833d27220e38c2944f4dd54e3466
2329a6a482f246bc4363b4dcfa4b53594469406e03fe8209ee50740d1bcefa2d
279d83c910b426bd368771e048026e1b7e7481007b7290313f714a729be39c74
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2a7e270e3045a1f2a56a806431eecd13438a5fb40b0ff3c6a52544197383a5c8
2c3ef75ec5c7389ab19835091856419a5e6c220a8446ed5145561705912ac971
2eb73aa64541e6cf0032942c80bcdb5012a45adc6e7c6e78b1a19de0444e3b1b
3228f4cd6fd28ef733c3d98079f3478b1c4cb3338dcd7b95658ba731b817e113
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3653651e11f0a74c5a2e8925e34730a1fb8da827b51daabcd2d6a705f9999463
37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb
3f4b388ae92975e16d2c5b5e8107c75466915ccc8dd532f0cc8aa53fbabb2172
479c6bd59d67a7b56e13ac91c313bca8cba3852d7015becdf0131c1bada4f3ea
4c4f6ee77956f38cab82190bc1838688fd2c84f8ca23037c9647629105676cf8
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e1bc302a3c17f005a0ff883d30b7da6b3d71b1552a6e5d0722cc7fffd0ac285
5048c6be9fbe930eb06e264147aed24b826724bccafd81278dcf0add561a343c
52044e8d2e2dc085d3cff4cb721560e811200cc7ed7ab45f5ee32467f895df0f
53ec06fc03e9d183baefe6291fe06331908247eed14a775ee805855662b6f48b
57a312c41f55655316b7f662c2f61be3b32e50c9190770004d15620f78c27c72
5d375d6faa4bc90694173cca2301d3c74ecdd4b75e66e8f926ee243d096913be
5f03f83bd7e313c27ac8dd16b5ac8a6eafb8c16a6891d79183a2c9f6d826ab1d
5f495b0356a71a36df0640d33686b4e2122c74ea174bc4b593b7c1d469a00515
5f76040b069b0d9db0e42bc3801d56303e101aa8b7c1a6804b58c378b14dc4cc
61daa5e10d1910c94db36832a3adb3e9bec2c60a0b584b37daea27f634f36fd0
64430f94acefca97eaef4d65042ab77ca35dac0c0c4a57d5c52ffdfd54faacf5
6546d3170b3132fbb068530421ddd689414dfa72e5710aa75dde65249dddab7e
66d78a88ac5fae12289a6a83304523a3721842866c3d75e2617dd3e51d07e186
683769299759a5cea73358caec8e4f92c3615139b1b329d20e387f1bceee31b7
6a0f21f7d7ab82d78d5f71b0f00e8176bcfb4dc36a27896062754e20e5aefda8
6a50626ef34e5da6014662089f0775c6187d23e5c22379da71203848eac50ee3
6d152c946298385ccf2e47f3f068705ea8fccb9f9f8aee4aba6ec2230bca39e5
738fd24a72e6008169e004b6a6b5f74d651953d1d90d645a4decdf28012f7ceb
764b332510d18ffd6cd304877faffc714cfe18bb77699517eaab9fe3720c9757
79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ee8d6c9a9e632ce12cd03615ec4c59c98f2070797cdea0721edf2c18c483258
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
845e32df3520459c7432a3cce5a9f4ef03b71592561d57698be3b7e0bd95d06a
85538c4b32bf157a445df513bf7db467eb55efd76ef24a648f813dd655935773
8608c8e2dcc2a14b5b21503077bf54d62a215a013a4eb7b80b09099d201a445e
8754aadb1e4a2ae34539fa890aef276dcce219c3a22de8f6fa5c7a89e7edc523
8d37960007b92b40c57fde3298c4494f4e0f0f883943a9fa95634ba42cecedb6
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
8e4233cf902e370627e859eef38b531751d45a9960f1ea0ad1c9facbc8747894
9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b
920938a5ba533d0e766b90ef153b190185bdc349fbcffd1535bb52271d4bb371
9533f31233af17cdddf24593ca694f0b884c172505a44f735a695c6ac97c7138
9731613739610ed50bce764c43dc12646c68081e08b9ac08a9251c28a620d0e7
995d5a3e0e3e217d8c2ee892dce1043f4560b3ed5f059410bedd880361ad342a
9a4cf81db2f47b8e6dc55b9d84dd6485e72517354d7a6bceb7b3102880ea0900
9ca27b7ce0a96c6183df98cd355c30e9db59fb4ab7181a3abd9c5687e785622c
9dba6fa92f9dd9c47188a8f3d6122d534cff769729e99da3804563eebff098b0
a010df4e1770a89ac0e537b1a047a962eb31f1d05123ff78f4651d78419753ca
a1aabc083ff05ff4cd83489fbfd165714717a29b2c83a4b19b52f791064847ee
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a592209f7eeb33781bf57dfc696f913a4cae61d0e5af9303ad44ad8b01a3e03c
a6a0dd3d9456d74cda04e3d67a859ee919dd8fd99cd88ac160d969aebfd424f5
aadb712af0292ec48ffed43c37ced41411575f58842de6f9b1587adf6339a6c2
acf56f4833ccd8789f66864deae46f9a6efb8625f15b9e5996a00e5634f094e1
acf8f5ac80909314187583188ea33f8192fcf18db6b20e7b2944472198ac4bc1
aeb6f90d34a12eca52b5bc903c56bb033fb6cb99c255931464b3bdf2212c7356
aef7b3b7839a63c74be3defee1e751b8ac85a2e273a2b7bfec60acdae94fdcf3
af0ff38759324a8313d883ff16f681e2f8ca9cb55831212e3a4a7682d1b93f78
b2cc470ca1f9343ddc3867eeea62bfd919f94df9bc1cf84bb8036542869c1397
b60af31f4402255b9fe3e40e493adfde0b7fdb8a71891151c04c51ca788e79eb
baf7bb0d02adef3079a78ae9bbe9fc6f501c684149a2e629a5e7035f9a073e15
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c276be2725d2e7365a557f7dc562d6106d0d1d0e2dd2952f690280209fb2e736
c2c81d373c6ef2701c910ddea7d457687d9773bf3a3163ccff1740a3eaca0f3b
c382870f87b6bb3afaae4566273f34a23f18ca840cf5aa868726d4d66c1c145e
ca0874863457f57388d19b6c3c3e999e1c1472a89a8fb29b34a7ba2c4fe9f5e8
cae0ae2d67aac89367108586ebd25e00afc5d0f8110e6eb71b8d274037f7a5d8
cb516c01f0f3f70af3ff7c03be4a172e6ede1a7c3375b737d846128304c83538
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce46d86e064e6b32f26d759b701c4c858c58cdf6c09f75e13c220ddb3f33ef4b
d15b15ae8fe77aac0010ac0c6ce2891eea9c8a6badd9d1a29be2a079cd7172b6
d45d27ead8c38956d7f640025d9d47a214d8dd5c8782ba91f2ee5802ad7660e9
d53225ddcfc6d2d917cf2b1b8177a5a6c08d394ae73e9d167af90120052a4712
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444d7b706bfd14ec1c3a5f980a93b0a70af3fa07a2bc94e134987a3b77495d6
e44cc187e08b9307011a0f394146c19e3fcb052a15c3494443943578650a97a9
e467e89a41e68909313eef448847f3446650158fb5d046295fea70fd7d776b87
e4682fab8e097c87b1f7805726c662f67b5b3514f4ba9345ac0398ea36935d46
e62e54914dbabecaaaa6b6ba4b605ec384be240d485555452e7e094a3c5d9b7c
eb53bd4dea7062e9a7eb7b5cc56576ac7d773142684850caa93c6f4ae2104a40
eb7f8cff0e454007855e6b717b4e5de338b8d6dad3cd4f97dcd95634e87317f2
ecf0a124a7b3aa98d268e5de6d592d2e5d9ec1797673eac8138d44b405f7848d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1581dad5fdb0dc5ca66b9f4d58fc40cefcace189fb9837006ca21fc81838d62
f22199bae8b8829f81d8838b76a9a97c5817a477e25105aebe4397d198e89856
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f682c864bef112716681870dfe001f193b6dff8d61438e0b41df4ff808c4007f
f6f011c0b9379c09b5a2fdda17a16749af0e4b207b9e136bedb891cedb2b8cc7
f7f580369ac30ad1c770458e4c255a0c70e111be7c1b4b9ea6410bb0bbfd8f08
f84bb1211171ea4ee915fe46fa04ebcb3c3b602d873da0977d553428a4c6952b
fdf4c25db95cf6328c5802bb3bd40a85d3e8c396d2beb17ce2a1795a1d5f1b97
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff2a73d20f7a1e4654944821e3e0b459322b7f5b6a48af8e46ff4ffc4ebdfec3
ffc2023778c8007c764ffbd2375de234d76d482879531e1910797b6f96c4e60b

www.returned.tracking-ca612056212qb.online Open in urlscan Pro 198.20.70.139 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

217 Requests

95 %HTTPS

48 %IPv6

19 Domains

28 Subdomains

23 IPs

5 Countries

8591 kBTransfer

11694 kBSize

31 Cookies

292 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.returned.tracking-ca612056212qb.online Open in urlscan Pro
198.20.70.139 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

95 %
HTTPS

48 %
IPv6

19
Domains

28
Subdomains

23
IPs

5
Countries

8591 kB
Transfer

11694 kB
Size

31
Cookies

217 HTTP transactions
0 data transactions