Edit tour

Windows Analysis Report
https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00

Overview

General Information

Sample URL:	https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00
Analysis ID:	1430579
Infos:

Detection

Score:	0
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

No high impact signatures.

Classification

Process Tree

System is w10x64

chrome.exe (PID: 5288 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5788 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1936,i,16160523055122430416,7819649957933225674,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6408 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49772 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 184.31.62.93
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /ds_arya_wrapper.min.js?f=1 HTTP/1.1Host: a.docusign.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://na2.docusign.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGYwY2E0YmUyYzExOC0wOTNkMGRiY2RmYWYwNS0yNjAzMWU1MS0xNDAwMDAtMThmMGNhNGJlMmQxNzEiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713904074295 HTTP/1.1Host: api.mixpanel.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://na2.docusign.netSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://na2.docusign.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGYwY2E0YmUzMWQ3LTBlOWQ0ZDQ0YWY2NzktMjYwMzFlNTEtMTQwMDAwLTE4ZjBjYTRiZTMyMzAyIiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJuYTIuZG9jdXNpZ24ubmV0IiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiNjI0NGJiOWUzMWRmNmQ4ZGNmOGM0MTM1ZGVmZTY0NjAifX0%3D&ip=1&_=1713904074298 HTTP/1.1Host: api.mixpanel.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://na2.docusign.netSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://na2.docusign.net/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGYwY2E0YmUyYzExOC0wOTNkMGRiY2RmYWYwNS0yNjAzMWU1MS0xNDAwMDAtMThmMGNhNGJlMmQxNzEiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713904074295 HTTP/1.1Host: api.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGYwY2E0YmUzMWQ3LTBlOWQ0ZDQ0YWY2NzktMjYwMzFlNTEtMTQwMDAwLTE4ZjBjYTRiZTMyMzAyIiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJuYTIuZG9jdXNpZ24ubmV0IiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiNjI0NGJiOWUzMWRmNmQ4ZGNmOGM0MTM1ZGVmZTY0NjAifX0%3D&ip=1&_=1713904074298 HTTP/1.1Host: api.mixpanel.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJDQyBSZWNpcGllbnQgVmlldyBTaWdudXAgRm9ybSIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJHNjcmVlbl9oZWlnaHQiOiAxMDI0LCIkc2NyZWVuX3dpZHRoIjogMTI4MCwibXBfbGliIjogIndlYiIsImRpc3RpbmN0X2lkIjogIjllZGZiODIzYTZhNWZmZWI4NmZkZDlkN2E3NWI4ZmFkNWJjMjI3OTkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJQYWdlIjogIlNpZ24gJiBSZXR1cm4gTW9kYWwiLCJIYXNoZWRFbWFpbCI6ICJiYTE4MTQ2ZDhlODAxMmUxOTE0Nzk5ODczMzk3YzIzYyIsIlBvc3QgU2lnbmluZyBEaWFsb2ciOiAiRG9uZSIsIkVudmVsb3BlIElEIjogIjBhYTYwNzdiOGVjOTAzNjAxNGZiYWE4NTU4ZTgxZjI4Mjc1YTUyM2IiLCJSZWNpcGllbnQgSUQiOiAiYmViMzJiMDY1MmZhODYzMzQzY2U1ZTRiMTYwN2JkMmMyMjQ5OGZmYyIsIlNpZ25lciBJRCI6ICI5ZWRmYjgyM2E2YTVmZmViODZmZGQ5ZDdhNzViOGZhZDViYzIyNzk5IiwiQnJvd3NlciBWZXJzaW9uIjogIkNocm9tZSAxMjMuMCIsIkZpZWxkcyBSZWNpcGllbnQiOiAiMiIsIkZpZWxkcyBFbnZlbG9wZSI6ICIyIiwiUmVxdWlyZWQgRmllbGRzIjogIjEiLCJMYW5ndWFnZSI6ICJlbiIsIlNpZ25pbmcgQWNjZXNzIjogIlJlbW90ZSIsIkF1dG9OYXYgUnVsZXMiOiAiRmllbGRzQWxsIiwiUmVjaXBpZW50cyI6ICIxIiwiUmVjaXBpZW50IFR5cGUiOiAiU2lnbmVyIiwiUmVjaXBpZW50cyBXb3JrZmxvdyI6ICIxIiwiU2VuZGVyIEFjY291bnQgSUQiOiAiOWNlZDk4ZmQyMjhlNjg5M2IxMWRjYTdjYjZiYTZkYTA0M2FjZjY4NyIsIkFjY291bnQgSUQiOiAiODkzZTJiNGE5MWFhMDYyNzQyOGRlNzlmMzIxNzkzNmM0MDZlYzEwYSIsIkJyYW5kZWQiOiB0cnVlLCJCcmFuZGVkIExvZ28iOiB0cnVlLCJCcmFuZGVkIENvbG9yIjogdHJ1ZSwiQnJhbmRlZCBGaWxlIjogZmFsc2UsIkNvbmNhdCBNb2RlIjogZmFsc2UsIkF0dGFjaG1lbnQgQWRkZWQiOiBmYWxzZSwiQXR0YWNobWVudCBDb3VudCI6IDAsIkF0dGFjaG1lbnQgTWV0aG9kIjogbnVsbCwiUGFnZXMiOiAiMTEiLCJEb2NzIjogIjMiLCJBdXRoZW50aWNhdGlvbiI6ICJOb25lIiwiTG9nZ2VkIEluIjogZmFsc2UsIkNvbnNlbnQgU2hvd24iOiBmYWxzZSwiQWNjb3VudCBIb2xkZXIiOiBmYWxzZSwiRmllbGQgU2lnbmF0dXJlIjogdHJ1ZSwiRmllbGQgSW5pdGlhbCI6IGZhbHNlLCJGaWVsZCBTdGFtcCI6IGZhbHNlLCJGaWVsZCBEYXRlIjogdHJ1ZSwiRmllbGQgVGV4dCI6IGZhbHNlLCJGaWVsZCBOYW1lIjogZmFsc2UsIkZpZWxkIENvbXBhbnkiOiBmYWxzZSwiRmllbGQgVGl0bGUiOiBmYWxzZSwiRmllbGQgRW1haWwiOiBmYWxzZSwiRmllbGQgQ2hlY2tib3giOiBmYWxzZSwiRmllbGQgUmFkaW8iOiBmYWxzZSwiRmllbGQgRHJvcGRvd24iOiBmYWxzZSwiRmllbGQgQXR0YWNobWVudCI6IGZhbHNlLCJGaWVsZCBOb3RlIjogZmFsc2UsIkZpZWxkIEFwcHJvdmUiOiBmYWxzZSwiRmllbGQgRGVjbGluZSI6IGZhbHNlLCJGaWVsZCBWaWV3IjogZmFsc2UsIkZpZWxkIEZvcm11bGEiOiBmYWxzZSwiVGVtcGxhdGUgVXNlZCI6IGZhbHNlLCJTdXBwbGVtZW50YWwgRG9jdW1lbnQgQ291bnQiOiAxLCJTdXBwbGVtZW50YWwgRG9jdW1lbnQgUmVxdWlyZW1lbnRzIjogIk5vSW50ZXJhY3Rpb24iLCJBdXRvQ29tcGxldGUgRW5hYmxlZCI6IGZhbHNlLCJwcm9kdWN0IGFyZWEiOiAiU2lnbmluZyIsIkRTX0EiOiAiMWQ4MTU3Y2QtZTAxZC00YWEwLTlhZWMtYWQyZGJiNDZmNzYxIiwiRnJlZWZvcm0iOiBmYWxzZSwiU2lnbmluZ0V4dGVuc2lvbnMiOiB0cnVlLCJCcm93c2VyIFdpZHRoIEluaXRpYWwiOiAxMjgwLCJCcm93c2VyIEhlaWdodCBJbml0aWFsIjogOTA3LCJCcm93c2VyIFdpZHRoIjogMTI4MCwiQnJvd3NlciBIZWlnaHQiOiA5MDcsIlNlc3Npb24gQWJvdXQgdG8gRXhwaXJlIENvdW50IjogMCwiVG9wIEZpbmlzaCBIaWRkZW4iOiBmYWxzZSwiUG93ZXJGb3JtIjogZmFsc2UsIkEvQiBUZXN0cyI6ICJpZnJhbWVsZXNzOiBtb2JpbGUiLCJQb3dlcmZvcm0gU2VuZGVyIjogZmFsc2UsIlBsYXRmb3JtIjogIldlYiBBcHAiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713904082133 HTTP/1.1Host: api.mixpanel.comConnection: keep-alivesec-ch-ua:
Source: global traffic	HTTP traffic detected: GET /track/?data=eyJldmVudCI6ICJDQyBSZWNpcGllbnQgVmlldyBTaWdudXAgRm9ybSIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJHNjcmVlbl9oZWlnaHQiOiAxMDI0LCIkc2NyZWVuX3dpZHRoIjogMTI4MCwibXBfbGliIjogIndlYiIsImRpc3RpbmN0X2lkIjogIjllZGZiODIzYTZhNWZmZWI4NmZkZDlkN2E3NWI4ZmFkNWJjMjI3OTkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJQYWdlIjogIlNpZ24gJiBSZXR1cm4gTW9kYWwiLCJIYXNoZWRFbWFpbCI6ICJiYTE4MTQ2ZDhlODAxMmUxOTE0Nzk5ODczMzk3YzIzYyIsIlBvc3QgU2lnbmluZyBEaWFsb2ciOiAiRG9uZSIsIkVudmVsb3BlIElEIjogIjBhYTYwNzdiOGVjOTAzNjAxNGZiYWE4NTU4ZTgxZjI4Mjc1YTUyM2IiLCJSZWNpcGllbnQgSUQiOiAiYmViMzJiMDY1MmZhODYzMzQzY2U1ZTRiMTYwN2JkMmMyMjQ5OGZmYyIsIlNpZ25lciBJRCI6ICI5ZWRmYjgyM2E2YTVmZmViODZmZGQ5ZDdhNzViOGZhZDViYzIyNzk5IiwiQnJvd3NlciBWZXJzaW9uIjogIkNocm9tZSAxMjMuMCIsIkZpZWxkcyBSZWNpcGllbnQiOiAiMiIsIkZpZWxkcyBFbnZlbG9wZSI6ICIyIiwiUmVxdWlyZWQgRmllbGRzIjogIjEiLCJMYW5ndWFnZSI6ICJlbiIsIlNpZ25pbmcgQWNjZXNzIjogIlJlbW90ZSIsIkF1dG9OYXYgUnVsZXMiOiAiRmllbGRzQWxsIiwiUmVjaXBpZW50cyI6ICIxIiwiUmVjaXBpZW50IFR5cGUiOiAiU2lnbmVyIiwiUmVjaXBpZW50cyBXb3JrZmxvdyI6ICIxIiwiU2VuZGVyIEFjY291bnQgSUQiOiAiOWNlZDk4ZmQyMjhlNjg5M2IxMWRjYTdjYjZiYTZkYTA0M2FjZjY4NyIsIkFjY291bnQgSUQiOiAiODkzZTJiNGE5MWFhMDYyNzQyOGRlNzlmMzIxNzkzNmM0MDZlYzEwYSIsIkJyYW5kZWQiOiB0cnVlLCJCcmFuZGVkIExvZ28iOiB0cnVlLCJCcmFuZGVkIENvbG9yIjogdHJ1ZSwiQnJhbmRlZCBGaWxlIjogZmFsc2UsIkNvbmNhdCBNb2RlIjogZmFsc2UsIkF0dGFjaG1lbnQgQWRkZWQiOiBmYWxzZSwiQXR0YWNobWVudCBDb3VudCI6IDAsIkF0dGFjaG1lbnQgTWV0aG9kIjogbnVsbCwiUGFnZXMiOiAiMTEiLCJEb2NzIjogIjMiLCJBdXRoZW50aWNhdGlvbiI6ICJOb25lIiwiTG9nZ2VkIEluIjogZmFsc2UsIkNvbnNlbnQgU2hvd24iOiBmYWxzZSwiQWNjb3VudCBIb2xkZXIiOiBmYWxzZSwiRmllbGQgU2lnbmF0dXJlIjogdHJ1ZSwiRmllbGQgSW5pdGlhbCI6IGZhbHNlLCJGaWVsZCBTdGFtcCI6IGZhbHNlLCJGaWVsZCBEYXRlIjogdHJ1ZSwiRmllbGQgVGV4dCI6IGZhbHNlLCJGaWVsZCBOYW1lIjogZmFsc2UsIkZpZWxkIENvbXBhbnkiOiBmYWxzZSwiRmllbGQgVGl0bGUiOiBmYWxzZSwiRmllbGQgRW1haWwiOiBmYWxzZSwiRmllbGQgQ2hlY2tib3giOiBmYWxzZSwiRmllbGQgUmFkaW8iOiBmYWxzZSwiRmllbGQgRHJvcGRvd24iOiBmYWxzZSwiRmllbGQgQXR0YWNobWVudCI6IGZhbHNlLCJGaWVsZCBOb3RlIjogZmFsc2UsIkZpZWxkIEFwcHJvdmUiOiBmYWxzZSwiRmllbGQgRGVjbGluZSI6IGZhbHNlLCJGaWVsZCBWaWV3IjogZmFsc2UsIkZpZWxkIEZvcm11bGEiOiBmYWxzZSwiVGVtcGxhdGUgVXNlZCI6IGZhbHNlLCJTdXBwbGVtZW50YWwgRG9jdW1lbnQgQ291bnQiOiAxLCJTdXBwbGVtZW50YWwgRG9jdW1lbnQgUmVxdWlyZW1lbnRzIjogIk5vSW50ZXJhY3Rpb24iLCJBdXRvQ29tcGxldGUgRW5hYmxlZCI6IGZhbHNlLCJwcm9kdWN0IGFyZWEiOiAiU2lnbmluZyIsIkRTX0EiOiAiMWQ4MTU3Y2QtZTAxZC00YWEwLTlhZWMtYWQyZGJiNDZmNzYxIiwiRnJlZWZvcm0iOiBmYWxzZSwiU2lnbmluZ0V4dGVuc2lvbnMiOiB0cnVlLCJCcm93c2VyIFdpZHRoIEluaXRpYWwiOiAxMjgwLCJCcm93c2VyIEhlaWdodCBJbml0aWFsIjogOTA3LCJCcm93c2VyIFdpZHRoIjogMTI4MCwiQnJvd3NlciBIZWlnaHQiOiA5MDcsIlNlc3Npb24gQWJvdXQgdG8gRXhwaXJlIENvdW50IjogMCwiVG9wIEZpbmlzaCBIaWRkZW4iOiBmYWxzZSwiUG93ZXJGb3JtIjogZmFsc2UsIkEvQiBUZXN0cyI6ICJpZnJhbWVsZXNzOiBtb2JpbGUiLCJQb3dlcmZvcm0gU2VuZGVyIjogZmFsc2UsIlBsYXRmb3JtIjogIldlYiBBcHAiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713904082133 HTTP/1.1Host: api.mixpanel.comConnection: keep-aliveUser-Agent:
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en/home HTTP/1.1Host: www.osler.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c
Source: global traffic	HTTP traffic detected: GET /Osler/fonts/font-awesome/css/font-awesome.min.css HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /Osler/css/bootstrap-accessibility-plugin.min.css HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /Osler/css/styles.min.css?v=11.0.4 HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Osler/js/bower_components/modernizr/modernizr.js HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZMakmllNIbNVJUHTDPpvzmJhtQwH6GTOa46RoBltd7k6KymeJGxkWxehYM52nU-nmQ2&t=638399175142847209 HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /CMSPages/GetResource.ashx?scriptfile=%7e%2fCMSScripts%2fWebServiceCall.js HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /consent/25c02da3-4d83-47e6-b080-f533c2d99f75/25c02da3-4d83-47e6-b080-f533c2d99f75.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=uHIkleVeDJf4xS50Krz-yND2uNShhTUBAP5n7Xu_4VEl-p2v7XApT3Wzf25zNj8jfHNT4wEsGAA2Kw1gCxln6iOKKZKXd_VfM8hBCSVnU9G4mkKk8MEcUDtNc08T0CzJigFOUXvGgrseIpqSzLM-sUZdqwGIcIt8aEKbHu1vqV81&t=722fe453 HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=Jw6tUGWnA15YEa3ai3FadJaKr3VMEUCzTcVUg3yR_61yWBgJoleXt-5Wzlb_DbMqUsLvg1hc9B9Cbq075jVgMxR2b_4e3El0QfSbhYiSO0Zck-SkUtK5a0ahJ4I80fD0ivUmZ29GXEQmkrFUXLiggKgpiZLo68rZ0QbCQ6QY_s81&t=722fe453 HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /Osler/images/logos/logo.png HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-700x350/Federal-Budget-2024-700x350.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /consent/25c02da3-4d83-47e6-b080-f533c2d99f75/25c02da3-4d83-47e6-b080-f533c2d99f75.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Osler/fonts/celeste-sans/CelesteSansWeb.woff HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.osler.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.osler.com/Osler/css/styles.min.css?v=11.0.4Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-300x300/300x300-Elizabeth-Sale.png?ext=.png HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /Osler/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.osler.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.osler.com/Osler/fonts/font-awesome/css/font-awesome.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /Osler/fonts/celeste/CelesteWeb.woff? HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.osler.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.osler.com/Osler/css/styles.min.css?v=11.0.4Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Osler/images/logos/logo.png HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /Osler/fonts/celeste-sans/bold/celestesanscomp-bold-webfont.woff2 HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://www.osler.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.osler.com/Osler/css/styles.min.css?v=11.0.4Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-300x300/ESG-Podcast-300x300.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-700x350/700x350-dealpoints-2024.png?ext=.png HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-700x350/Federal-Budget-2024-700x350.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /Osler/js/dist/rem.min.js HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-300x300/300x300-Elizabeth-Sale.png?ext=.png HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
Source: global traffic	HTTP traffic detected: GET /Osler/js/dist/Osler.min.js HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103
Source: global traffic	HTTP traffic detected: GET /c/hotjar-139501.js?sv=7 HTTP/1.1Host: static.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/25c02da3-4d83-47e6-b080-f533c2d99f75/25cdfee2-024b-4a52-a054-a6e05347c926/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Email/Email-Icon.svg HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103
Source: global traffic	HTTP traffic detected: GET /Osler/images/logos/white-logo.png HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-300x300/ESG-Podcast-300x300.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103
Source: global traffic	HTTP traffic detected: GET /consent/25c02da3-4d83-47e6-b080-f533c2d99f75/25cdfee2-024b-4a52-a054-a6e05347c926/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-700x350/700x350-dealpoints-2024.png?ext=.png HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/assets/otFloatingRounded.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/assets/otCookieSettingsButton.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /modules.588629dd3c10b20ab52d.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Email/Email-Icon.svg HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _ga=GA1.2.1593841297.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A23+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome
Source: global traffic	HTTP traffic detected: GET /Osler/images/logos/white-logo.png HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _ga=GA1.2.1593841297.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A23+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome; _ga_2XYX2S797K=deleted
Source: global traffic	HTTP traffic detected: GET /td/ga/rul?tid=G-2XYX2S797K&gacid=1593841297.1713904103&gtm=45je44h0v898263613z8898501896za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&z=701014799 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/uet/134024834 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/assets/otCookieSettingsButton.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/assets/otFloatingRounded.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_close.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202308.1.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/38631fdf-9644-4fbd-9d51-548bf27f58b4/d3be8f9e-1328-4432-981a-700d22c98729/af8b8ffa-721b-4a44-b983-b8844991da31/logo-small.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/38631fdf-9644-4fbd-9d51-548bf27f58b4/766c27fe-9d62-4742-8d14-c7025e4ea83d/b6e90325-7b68-4e30-bbe6-25167c632d2c/logo.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /s/0.7.32/clarity.js HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=f6d1e9bb216b487b8202329181413844.20240423.20250423
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/homeAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; __utmb=48214201.1.10.1713904103; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A24+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSUserPage={"TimeStamp":"2024-04-23T16:28:24.7137934-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; CMSLandingPageLoaded=true; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.0.1713904105.58.0.0
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_close.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/38631fdf-9644-4fbd-9d51-548bf27f58b4/d3be8f9e-1328-4432-981a-700d22c98729/af8b8ffa-721b-4a44-b983-b8844991da31/logo-small.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/38631fdf-9644-4fbd-9d51-548bf27f58b4/766c27fe-9d62-4742-8d14-c7025e4ea83d/b6e90325-7b68-4e30-bbe6-25167c632d2c/logo.png HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /logos/static/ot_guard_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cmsapi/webanalytics/LogHit HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; __utmb=48214201.1.10.1713904103; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A24+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSUserPage={"TimeStamp":"2024-04-23T16:28:24.7137934-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; CMSLandingPageLoaded=true; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.0.1713904105.58.0.0
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; __utmb=48214201.1.10.1713904103; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A24+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSUserPage={"TimeStamp":"2024-04-23T16:28:24.7137934-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; CMSLandingPageLoaded=true; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.0.1713904105.58.0.0
Source: global traffic	HTTP traffic detected: GET /en/home HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; __utmb=48214201.1.10.1713904103; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A24+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSUserPage={"TimeStamp":"2024-04-23T16:28:24.7137934-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; CMSLandingPageLoaded=true; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjpmYWxzZX0=; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.0.1713904105.58.0.0; _clsk=1me437r%7C1713904107231%7C1%7C1%7Cn.clarity.ms%2Fcollect
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&tag=DwellTime&ts=1713904115967&i=gtm&dwt=10239&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&tag=DwellTime&ts=1713904115967&i=gtm&dwt=10239&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/uet/134024834 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=f6d1e9bb216b487b8202329181413844.20240423.20250423; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE
Source: global traffic	HTTP traffic detected: GET /s/0.7.31/clarity.js HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=f6d1e9bb216b487b8202329181413844.20240423.20250423; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cmsapi/webanalytics/LogHit HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _clsk=1me437r%7C1713904107231%7C1%7C1%7Cn.clarity.ms%2Fcollect; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904118.45.0.0; _ga=GA1.1.1593841297.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main&tag=DwellTime&ts=1713904122825&i=gtm&dwt=1928&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en/about-us HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904121.42.0.0; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main&tag=DwellTime&ts=1713904122825&i=gtm&dwt=1928&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=NJmAwtEo3Ipnlaxl6CMhvug_UjKcAMuKcGN8K2MSXvgT8udzBVsAGOX4k6Oho8RiVMLgg2hTvzAoKKNsGU3y41Pm0SAg0I5SZXrYqLVEQaekg7Cme_6oN-lmYvn2GmxCA-qA1Y07nny7f5N0qGzmfL9ohu_66SpKXL72MfWHq8I1&t=722fe453 HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/about-usAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904121.42.0.0; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect
Source: global traffic	HTTP traffic detected: GET /ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OIraOhbH8dYmWuMx72NLg2J7X3NEA8pv5VQtFEWqTHEExepx7TUwZUeh0E-QDGbdH3gkHL4W7gJp3pm-xvAmoJCGu3YZyrY-30LLifE0byyBTuPNqmgSURntMKtPYO44DzjA-DbwqKN9rbzZh4zDZLA1&t=722fe453 HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/en/about-usAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904121.42.0.0; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-400x350/GettyImages-917750358-400x350px-lights.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/about-usAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904121.42.0.0; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-400x350/400x350-red-blue-Optical-Fibers.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/about-usAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904121.42.0.0; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-400x350/400x350-abstract-lines-blue-yellow.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/en/about-usAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904121.42.0.0; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-400x350/GettyImages-917750358-400x350px-lights.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A39+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904121.42.0.0; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-400x350/400x350-red-blue-Optical-Fibers.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.2.10.1713904103; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904121.42.0.0; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A44+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/uet/134024834 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=f6d1e9bb216b487b8202329181413844.20240423.20250423; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE
Source: global traffic	HTTP traffic detected: GET /osler/media/Osler/Content/Images/Tile-400x350/400x350-abstract-lines-blue-yellow.jpg?ext=.jpg HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; CMSUserPage={"TimeStamp":"2024-04-23T16:28:38.7419531-04:00","LastPageDocumentID":3,"LastPageNodeID":3,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; _clsk=1me437r%7C1713904121758%7C2%7C1%7Cn.clarity.ms%2Fcollect; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A44+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; __utmb=48214201.3.10.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904125.38.0.0; _ga=GA1.1.1593841297.1713904103
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&tag=DwellTime&ts=1713904125971&i=gtm&dwt=5&ive=webkitHidden HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main&tag=DwellTime&ts=1713904125990&i=gtm&dwt=4&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&tag=DwellTime&ts=1713904125971&i=gtm&dwt=5&ive=webkitHidden HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main&tag=DwellTime&ts=1713904125990&i=gtm&dwt=4&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cmsapi/webanalytics/LogHit HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; __utmb=48214201.3.10.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904125.38.0.0; _ga=GA1.1.1593841297.1713904103; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A46+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; _clsk=1me437r%7C1713904126621%7C3%7C1%7Cn.clarity.ms%2Fcollect; CMSUserPage={"TimeStamp":"2024-04-23T16:28:47.2397139-04:00","LastPageDocumentID":1181,"LastPageNodeID":1109,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&tag=DwellTime&ts=1713904128765&i=gtm&dwt=2792&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en/contact-us HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; __utmb=48214201.3.10.1713904103; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A46+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; _clsk=1me437r%7C1713904126621%7C3%7C1%7Cn.clarity.ms%2Fcollect; CMSUserPage={"TimeStamp":"2024-04-23T16:28:47.2397139-04:00","LastPageDocumentID":1181,"LastPageNodeID":1109,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904126.37.0.0
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&tag=DwellTime&ts=1713904128765&i=gtm&dwt=2792&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Osler/js/dist/datepicker/wet/css/event-cal-style.css HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.osler.com/en/contact-usAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; __utmb=48214201.3.10.1713904103; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A46+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; _clsk=1me437r%7C1713904126621%7C3%7C1%7Cn.clarity.ms%2Fcollect; CMSUserPage={"TimeStamp":"2024-04-23T16:28:47.2397139-04:00","LastPageDocumentID":1181,"LastPageNodeID":1109,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904126.37.0.0
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/uet/134024834 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=f6d1e9bb216b487b8202329181413844.20240423.20250423; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cmsapi/webanalytics/LogHit HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; _clsk=1me437r%7C1713904126621%7C3%7C1%7Cn.clarity.ms%2Fcollect; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A54+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; CMSUserPage={"TimeStamp":"2024-04-23T16:28:54.5932594-04:00","LastPageDocumentID":23074,"LastPageNodeID":14884,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904134.29.0.0; _ga=GA1.1.1593841297.1713904103; __utmb=48214201.4.10.1713904103
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904137168&i=gtm&dwt=530&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904137183&i=gtm&dwt=12&ive=webkitHidden HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&tag=DwellTime&ts=1713904137554&i=gtm&dwt=614&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904137168&i=gtm&dwt=530&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904137183&i=gtm&dwt=12&ive=webkitHidden HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&tag=DwellTime&ts=1713904137554&i=gtm&dwt=614&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904140732&i=gtm&dwt=3548&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /en/offices HTTP/1.1Host: www.osler.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; VisitorStatus=11064158108; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A54+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; CMSUserPage={"TimeStamp":"2024-04-23T16:28:54.5932594-04:00","LastPageDocumentID":23074,"LastPageNodeID":14884,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; __utmb=48214201.4.10.1713904103; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904136.27.0.0; _clsk=1me437r%7C1713904137534%7C4%7C1%7Cn.clarity.ms%2Fcollect; __utmli=two-column-main
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904140732&i=gtm&dwt=3548&ive=blur HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.osler.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Foffices HTTP/1.1Host: q.quora.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tag/uet/134024834 HTTP/1.1Host: www.clarity.msConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CLID=f6d1e9bb216b487b8202329181413844.20240423.20250423; MUID=375E6F2E0D8F6B9C2CEB7C8E098F6DFE
Source: global traffic	HTTP traffic detected: GET /cmsapi/webanalytics/LogHit HTTP/1.1Host: www.osler.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; _gcl_au=1.1.1586521870.1713904103; _gid=GA1.2.51695240.1713904103; _gat_UA-44058441-1=1; __utma=48214201.1593841297.1713904103.1713904103.1713904103.1; __utmc=48214201; __utmz=48214201.1713904103.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt_UA-3837444-1=1; CurrentContact=37ec3b9a-1c25-4aee-af98-a7ec528e2a11; CMSLandingPageLoaded=true; _hjSession_139501=eyJpZCI6ImMzNWIwMTJjLTc0YmItNDI5Mi1hZjliLTYyZDFlYzFlODFmNSIsImMiOjE3MTM5MDQxMDQ1MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=; _clck=upmekr%7C2%7Cfl6%7C0%7C1574; _hjSessionUser_139501=eyJpZCI6IjYwYzM0YWZlLWQ2ZDItNWJmMC1iOTZjLTY5ZTg0Y2JmYjM0YSIsImNyZWF0ZWQiOjE3MTM5MDQxMDQ0OTgsImV4aXN0aW5nIjp0cnVlfQ==; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Apr+23+2024+22%3A28%3A54+GMT%2B0200+(Central+European+Summer+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0&AwaitingReconsent=false; _ga=GA1.2.1593841297.1713904103; _ga_2XYX2S797K=GS1.1.1713904103.1.1.1713904136.27.0.0; _clsk=1me437r%7C1713904137534%7C4%7C1%7Cn.clarity.ms%2Fcollect; _uetsid=084a5ee001b011ef88b71f1374bb47ad; _uetvid=084aa1a001b011efb9fcf5db7f6b2865; VisitorStatus=11064158109; CMSUserPage={"TimeStamp":"2024-04-23T16:29:02.9769474-04:00","LastPageDocumentID":1182,"LastPageNodeID":1110,"Identifier":"08c5726e-213b-4603-94b0-d470fe6d082b"}; __utmb=48214201.5.10.1713904103
Source: global traffic	HTTP traffic detected: GET /browser-perf.8417c6bba72228fa2e29.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Foffices HTTP/1.1Host: q.quora.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: <a href="https://www.linkedin.com/company/osler-hoskin-&-harcourt-llp" aria-label="Osler on LinkedIn" class="offcanvas--social mobile-nav-linkedin" target="_blank"> equals www.linkedin.com (Linkedin)
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: <a class="social-media-icon" id="dropdown-linkedin-icon" aria-label="Osler on LinkedIn" href="https://www.linkedin.com/company/osler-hoskin-&-harcourt-llp" target="_blank"> equals www.linkedin.com (Linkedin)
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: <a class="social-media-icon" id="dropdown-youtube-icon" aria-label="Osler on YouTube" href="https://www.youtube.com/c/osler" target="_blank"> equals www.youtube.com (Youtube)
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: <a href="https://www.linkedin.com/company/osler-hoskin-&-harcourt-llp" aria-label="Osler on LinkedIn" class="linkedin-footer" target="_blank"> equals www.linkedin.com (Linkedin)
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: </a><a href="https://www.youtube.com/c/osler" aria-label="Osler on YouTube" class="offcanvas--social mobile-nav-youtube" target="_blank"> equals www.youtube.com (Youtube)
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: </a><a href="https://www.youtube.com/c/osler" aria-label="Osler on YouTube" class="youtube-footer" target="_blank"> equals www.youtube.com (Youtube)
Source: chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	String found in binary or memory: Math.round(p);v["gtm.videoCurrentTime"]=Math.round(q);v["gtm.videoElapsedTime"]=Math.round(f);v["gtm.videoPercent"]=r;v["gtm.videoVisible"]=t;return v},Ij:function(){e=zb()},pd:function(){d()}}};var dc=ia(["data-gtm-yt-inspected-"]),xC=["www.youtube.com","www.youtube-nocookie.com"],yC,zC=!1; equals www.youtube.com (Youtube)
Source: chromecache_276.2.dr	String found in binary or memory: c(S[ka],E.xe)){mI("https://www.youtube.com/iframe_api");t=!0;break}})}}else I(u.vtp_gtmOnSuccess)}var p=["www.youtube.com","www.youtube-nocookie.com"],q={UNSTARTED:-1,ENDED:0,PLAYING:1,PAUSED:2,BUFFERING:3,CUED:5},r,t=!1;(function(u){Z.__ytl=u;Z.__ytl.C="ytl";Z.__ytl.isVendorTemplate=!0;Z.__ytl.priorityOverride=0;Z.__ytl.isInfrastructure=!1;Z.__ytl.runInSiloedMode=!1})(function(u){u.vtp_triggerStartOption?n(u):ww(function(){n(u)})})}(); equals www.youtube.com (Youtube)
Source: chromecache_216.2.dr	String found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var h=jA(a,c,e);M(121);if("https://www.facebook.com/tr/"===h["gtm.elementUrl"])return M(122),!0;if(d&&f){for(var m=Jb(b,g.length),n=0;n<g.length;++n)g[n](h,m);return m.done}for(var p=0;p<g.length;++p)g[p](h,function(){});return!0},mA=function(){var a=[],b=function(c){return pb(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: chromecache_216.2.dr	String found in binary or memory: e\|\|f\|\|g.length\|\|h.length))return;var n={Tg:d,Rg:e,Sg:f,Dh:g,Eh:h,xe:m,zb:b},p=D.YT,q=function(){FC(n)};if(p)return p.ready&&p.ready(q),b;var r=D.onYouTubeIframeAPIReady;D.onYouTubeIframeAPIReady=function(){r&&r();q()};I(function(){for(var t=H.getElementsByTagName("script"),u=t.length,v=0;v<u;v++){var w=t[v].getAttribute("src");if(IC(w,"iframe_api")\|\|IC(w,"player_api"))return b}for(var x=H.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!zC&&GC(x[A],n.xe))return Ic("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: chromecache_211.2.dr, chromecache_276.2.dr	String found in binary or memory: function(h){return h.form===g})};return{store:function(g,h){var m=f(g);m?m.button=h:e.push({form:g,button:h})},get:function(g){var h=f(g);return h?h.button:null}}}function d(e,f,g,h,m){var n=Kz("fsl",g?"nv.mwt":"mwt",0),p;p=g?Kz("fsl","nv.ids",[]):Kz("fsl","ids",[]);if(!p.length)return!0;var q=Gz(e,"gtm.formSubmit",p),r=e.action;r&&r.tagName&&(r=e.cloneNode(!1).action);q["gtm.elementUrl"]=r;M(121);if("https://www.facebook.com/tr/"===r)return M(122),!0;m&&(q["gtm.formSubmitElement"]=m);if(h&&n){if(!rI(q, equals www.facebook.com (Facebook)
Source: chromecache_216.2.dr	String found in binary or memory: var KB=function(a,b,c,d,e){var f=Kz("fsl",c?"nv.mwt":"mwt",0),g;g=c?Kz("fsl","nv.ids",[]):Kz("fsl","ids",[]);if(!g.length)return!0;var h=Gz(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);M(121);if("https://www.facebook.com/tr/"===m)return M(122),!0;h["gtm.elementUrl"]=m;h["gtm.formCanceled"]=c;null!=a.getAttribute("name")&&(h["gtm.interactedFormName"]=a.getAttribute("name"));e&&(h["gtm.formSubmitElement"]=e,h["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!vy(h,wy(b, equals www.facebook.com (Facebook)

Source: unknown

DNS traffic detected: queries for: na2.docusign.net

Source: unknown

HTTP traffic detected: POST /g/collect?v=2&tid=G-2XYX2S797K&gtm=45je44h0v898263613z8898501896za200&_p=1713904101416&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1593841297.1713904103&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_s=1&sid=1713904103&sct=1&seg=0&dl=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&dt=Osler%2C%20Hoskin%20%26%20Harcourt%20LLP%20%7C%20Business%20Law%20Firm&en=page_view&_fv=1&_ss=1&tfd=4918 HTTP/1.1Host: analytics.google.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.osler.comX-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiSocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://www.osler.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: chromecache_228.2.dr	String found in binary or memory: http://dbj.org/dbj/?p=286
Source: chromecache_228.2.dr	String found in binary or memory: http://dean.edwards.name/weblog/2005/10/add-event/
Source: chromecache_228.2.dr	String found in binary or memory: http://documentcloud.github.com/underscore/
Source: chromecache_266.2.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_266.2.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_228.2.dr	String found in binary or memory: http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/
Source: chromecache_228.2.dr	String found in binary or memory: http://mixpanel.com/
Source: chromecache_227.2.dr	String found in binary or memory: http://opensource.org/licenses/BSD-2-Clause
Source: chromecache_227.2.dr	String found in binary or memory: http://opensource.org/licenses/GPL-2.0
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: http://stackoverflow.com/questions/11191746/should-role-contentinfo-be-always-added-on-footer-elemen
Source: chromecache_228.2.dr	String found in binary or memory: http://www.ecma-international.org/ecma-262/5.1/#sec-12.4
Source: chromecache_349.2.dr	String found in binary or memory: http://www.google-analytics.com
Source: chromecache_330.2.dr	String found in binary or memory: http://www.osler.com/en/about-us
Source: chromecache_280.2.dr	String found in binary or memory: http://www.osler.com/en/offices
Source: chromecache_211.2.dr, chromecache_276.2.dr	String found in binary or memory: https://a.quora.com/qevents.js
Source: chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	String found in binary or memory: https://adservice.google.com/pagead/regclk
Source: chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	String found in binary or memory: https://adservice.googlesyndication.com/pagead/regclk
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Source: chromecache_188.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Source: chromecache_243.2.dr, chromecache_185.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/googleData.json
Source: chromecache_243.2.dr, chromecache_185.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2Data.json
Source: chromecache_243.2.dr, chromecache_185.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2V2Data.json
Source: chromecache_243.2.dr, chromecache_185.2.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iabData.json
Source: chromecache_243.2.dr, chromecache_185.2.dr	String found in binary or memory: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Source: chromecache_228.2.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/DOM/XMLHttpRequest#withCredentials
Source: chromecache_243.2.dr, chromecache_185.2.dr	String found in binary or memory: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Source: chromecache_322.2.dr	String found in binary or memory: https://getbootstrap.com/)
Source: chromecache_228.2.dr	String found in binary or memory: https://gist.github.com/1930440
Source: chromecache_228.2.dr	String found in binary or memory: https://github.com/douglascrockford/JSON-js/blob/master/json_parse.js
Source: chromecache_322.2.dr	String found in binary or memory: https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css
Source: chromecache_237.2.dr	String found in binary or memory: https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js
Source: chromecache_315.2.dr, chromecache_224.2.dr	String found in binary or memory: https://github.com/microsoft/clarity
Source: chromecache_322.2.dr	String found in binary or memory: https://github.com/twbs/bootstrap/blob/master/LICENSE)
Source: chromecache_257.2.dr	String found in binary or memory: https://github.com/zloirock/core-js
Source: chromecache_257.2.dr	String found in binary or memory: https://github.com/zloirock/core-js/blob/v3.25.2/LICENSE
Source: chromecache_276.2.dr	String found in binary or memory: https://google.com
Source: chromecache_276.2.dr	String found in binary or memory: https://googleads.g.doubleclick.net
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.js
Source: chromecache_276.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_276.2.dr	String found in binary or memory: https://q.quora.com/_/ad/
Source: chromecache_349.2.dr	String found in binary or memory: https://ssl.google-analytics.com
Source: chromecache_349.2.dr	String found in binary or memory: https://ssl.google-analytics.com/j/__utm.gif
Source: chromecache_211.2.dr	String found in binary or memory: https://static.hotjar.com/c/hotjar-
Source: chromecache_216.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_216.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_188.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_349.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect?
Source: chromecache_188.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	String found in binary or memory: https://td.doubleclick.net
Source: chromecache_330.2.dr	String found in binary or memory: https://twitter.com/osler_law
Source: chromecache_279.2.dr	String found in binary or memory: https://www.clarity.ms/tag/uet/
Source: chromecache_217.2.dr, chromecache_265.2.dr, chromecache_312.2.dr, chromecache_274.2.dr, chromecache_194.2.dr, chromecache_215.2.dr	String found in binary or memory: https://www.gettyimages.com/eula?utm_medium=organic&utm_source=google&utm_campaign=iptcurl8BIM
Source: chromecache_211.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_188.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_188.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_188.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_349.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences?
Source: chromecache_276.2.dr	String found in binary or memory: https://www.google.com
Source: chromecache_188.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_349.2.dr	String found in binary or memory: https://www.google.com/analytics/web/inpage/pub/inpage.js?
Source: chromecache_276.2.dr	String found in binary or memory: https://www.googleadservices.com
Source: chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_188.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-T6XW3V
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-TWPZT6Z
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-T6XW3V
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-TWPZT6Z
Source: chromecache_330.2.dr	String found in binary or memory: https://www.instagram.com/osler_law/
Source: chromecache_330.2.dr	String found in binary or memory: https://www.linkedin.com/company/osler-hoskin-&-harcourt-llp
Source: chromecache_216.2.dr	String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_330.2.dr	String found in binary or memory: https://www.osler.com/en/about-us
Source: chromecache_280.2.dr	String found in binary or memory: https://www.osler.com/en/offices
Source: chromecache_183.2.dr	String found in binary or memory: https://www.osler.com/en/privacy
Source: chromecache_330.2.dr	String found in binary or memory: https://www.osler.com/fr/a-propos-de-nous
Source: chromecache_280.2.dr	String found in binary or memory: https://www.osler.com/fr/bureaux
Source: chromecache_280.2.dr, chromecache_330.2.dr	String found in binary or memory: https://www.osler.com/osler/media/Osler/Content/Images/logo-200x200.jpg?ext=.jpg
Source: chromecache_330.2.dr	String found in binary or memory: https://www.youtube.com/c/osler
Source: chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	String found in binary or memory: https://www.youtube.com/iframe_api

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50054
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50053
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50056
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50055
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50057
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50059
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50063
Source: unknown	Network traffic detected: HTTP traffic on port 50068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49856
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 50085 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50067
Source: unknown	Network traffic detected: HTTP traffic on port 50056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50066
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50068
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50070
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49909 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50085
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50051 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 50055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 50049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50039
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 49928 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50036
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49940 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50040
Source: unknown	Network traffic detected: HTTP traffic on port 50066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50042
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50047
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50049
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50048
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50052
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50051
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 50054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 49856 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49940
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49928
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49920
Source: unknown	Network traffic detected: HTTP traffic on port 50063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49909
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 50030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904
Source: unknown	Network traffic detected: HTTP traffic on port 49920 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49902
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49900

Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49767 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.31.62.93:443 -> 192.168.2.4:49772 version: TLS 1.2

Source: classification engine

Classification label: clean0.win@22/301@60/19

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1936,i,16160523055122430416,7819649957933225674,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1936,i,16160523055122430416,7819649957933225674,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Ok
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Ok
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Accept

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	1 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00	0%	Avira URL Cloud	safe

Source	Detection	Scanner	Label
http://dbj.org/dbj/?p=286	0%	URL Reputation	safe
https://cct.google/taggy/agent.js	0%	URL Reputation	safe
http://dean.edwards.name/weblog/2005/10/add-event/	0%	URL Reputation	safe
https://www.google.%/ads/ga-audiences	0%	URL Reputation	safe
https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck	0%	URL Reputation	safe
https://www.clarity.ms/tag/uet/	0%	URL Reputation	safe
https://www.google.%/ads/ga-audiences?	0%	URL Reputation	safe
about:blank	0%	Avira URL Cloud	safe
https://www.clarity.ms/tag/uet/134024834	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
fp2e7a.wpc.phicdn.net	192.229.211.108	true	false	unknown
arya-1323461286.us-west-2.elb.amazonaws.com	54.186.38.246	true	false	high
stats.g.doubleclick.net	74.125.138.157	true	false	high
part-0013.t-0009.t-msedge.net	13.107.246.41	true	false	unknown
script.hotjar.com	99.84.191.81	true	false	high
www.google.com	74.125.136.106	true	false	high
analytics.google.com	142.251.15.138	true	false	high
td.doubleclick.net	172.217.215.156	true	false	high
part-0023.t-0009.t-msedge.net	13.107.213.51	true	false	unknown
api.mixpanel.com	35.190.25.25	true	false	high
cdn.cookielaw.org	104.19.177.52	true	false	high
geolocation.onetrust.com	104.18.32.137	true	false	high
q.quora.com	52.45.52.13	true	false	high
static-cdn.hotjar.com	52.85.132.14	true	false	high
a.quora.com	unknown	unknown	false	high
www.clarity.ms	unknown	unknown	false	unknown
cdn.optimizely.com	unknown	unknown	false	high
n.clarity.ms	unknown	unknown	false	unknown
static.hotjar.com	unknown	unknown	false	high
www.osler.com	unknown	unknown	false	high
a.docusign.com	unknown	unknown	false	high
docucdn-a.akamaihd.net	unknown	unknown	false	high
c.clarity.ms	unknown	unknown	false	unknown
na2.docusign.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.cookielaw.org/consent/25c02da3-4d83-47e6-b080-f533c2d99f75/25cdfee2-024b-4a52-a054-a6e05347c926/en.json	false		high
https://analytics.google.com/g/collect?v=2&tid=G-2XYX2S797K&gtm=45je44h0v898263613z8898501896za200&_p=1713904101416&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1593841297.1713904103&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&_s=1&sid=1713904103&sct=1&seg=0&dl=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&dt=Osler%2C%20Hoskin%20%26%20Harcourt%20LLP%20%7C%20Business%20Law%20Firm&en=page_view&_fv=1&_ss=1&tfd=4918	false		high
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2XYX2S797K&cid=1593841297.1713904103&gtm=45je44h0v898263613z8898501896za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0	false		high
https://www.osler.com/cmsapi/webanalytics/LogHit	false		high
https://www.osler.com/favicon.ico	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome	false		high
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/v2/otPcCenter.json	false		high
about:blank	false	Avira URL Cloud: safe	low
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg	false		high
https://www.osler.com/Osler/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Foffices	false		high
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg	false		high
https://www.osler.com/en/home	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&tag=DwellTime&ts=1713904125971&i=gtm&dwt=5&ive=webkitHidden	false		high
https://static.hotjar.com/c/hotjar-139501.js?sv=7	false		high
https://www.osler.com/osler/media/Osler/Content/Images/Tile-400x350/400x350-abstract-lines-blue-yellow.jpg?ext=.jpg	false		high
https://analytics.google.com/g/collect?v=2&tid=G-2XYX2S797K&gtm=45je44h0v898263613z8898501896za200&_p=1713904124141&gcd=13l3l3l3l1&npa=0&dma=0&cid=1593841297.1713904103&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&sid=1713904103&sct=1&seg=1&dl=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&dt=About%20Osler%20%7C%20Canadian%20Business%20Law%20Firm&_s=1&tfd=8351	false		high
https://www.osler.com/Osler/fonts/font-awesome/css/font-awesome.min.css	false		high
https://www.osler.com/en/offices	false		high
https://www.osler.com/ScriptResource.axd?d=Jw6tUGWnA15YEa3ai3FadJaKr3VMEUCzTcVUg3yR_61yWBgJoleXt-5Wzlb_DbMqUsLvg1hc9B9Cbq075jVgMxR2b_4e3El0QfSbhYiSO0Zck-SkUtK5a0ahJ4I80fD0ivUmZ29GXEQmkrFUXLiggKgpiZLo68rZ0QbCQ6QY_s81&t=722fe453	false		high
https://www.osler.com/	false		high
https://www.osler.com/ScriptResource.axd?d=dwY9oWetJoJoVpgL6Zq8OIraOhbH8dYmWuMx72NLg2J7X3NEA8pv5VQtFEWqTHEExepx7TUwZUeh0E-QDGbdH3gkHL4W7gJp3pm-xvAmoJCGu3YZyrY-30LLifE0byyBTuPNqmgSURntMKtPYO44DzjA-DbwqKN9rbzZh4zDZLA1&t=722fe453	false		high
https://analytics.google.com/g/collect?v=2&tid=G-2XYX2S797K&gtm=45je44h0v898263613z8898501896za200&_p=1713904141699&gcd=13l3l3l3l1&npa=0&dma=0&cid=1593841297.1713904103&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&sid=1713904103&sct=1&seg=1&dl=https%3A%2F%2Fwww.osler.com%2Fen%2Foffices&dt=Office%20Locations%20-%20Osler%2C%20Hoskin%20%26%20Harcourt%20LLP&_s=1&tfd=7071	false		high
https://www.osler.com/osler/media/Osler/Content/Images/Tile-300x300/300x300-Elizabeth-Sale.png?ext=.png	false		high
https://www.osler.com/osler/media/Osler/Content/Images/Tile-300x300/ESG-Podcast-300x300.jpg?ext=.jpg	false		high
https://analytics.google.com/g/collect?v=2&tid=G-2XYX2S797K&gtm=45je44h0v898263613z8898501896za200&_p=1713904132806&gcd=13l3l3l3l1&npa=0&dma=0&cid=1593841297.1713904103&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&sid=1713904103&sct=1&seg=1&dl=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&dt=Contact%20Us%20%7C%20Osler%2C%20Hoskin%20%26%20Harcourt%20LLP&_s=1&tfd=10646	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main&tag=DwellTime&ts=1713904125990&i=gtm&dwt=4&ive=blur	false		high
https://www.osler.com/Osler/css/styles.min.css?v=11.0.4	false		high
https://www.osler.com/Osler/js/bower_components/modernizr/modernizr.js	false		high
https://cdn.cookielaw.org/logos/38631fdf-9644-4fbd-9d51-548bf27f58b4/766c27fe-9d62-4742-8d14-c7025e4ea83d/b6e90325-7b68-4e30-bbe6-25167c632d2c/logo.png	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main	false		high
https://cdn.cookielaw.org/scripttemplates/202308.1.0/otBannerSdk.js	false		high
https://www.osler.com/Osler/js/dist/Osler.min.js	false		high
https://www.osler.com/Osler/fonts/celeste/CelesteWeb.woff?	false		high
https://script.hotjar.com/modules.588629dd3c10b20ab52d.js	false		high
https://www.osler.com/CMSPages/GetResource.ashx?scriptfile=%7e%2fCMSScripts%2fWebServiceCall.js	false		high
https://www.osler.com/ScriptResource.axd?d=uHIkleVeDJf4xS50Krz-yND2uNShhTUBAP5n7Xu_4VEl-p2v7XApT3Wzf25zNj8jfHNT4wEsGAA2Kw1gCxln6iOKKZKXd_VfM8hBCSVnU9G4mkKk8MEcUDtNc08T0CzJigFOUXvGgrseIpqSzLM-sUZdqwGIcIt8aEKbHu1vqV81&t=722fe453	false		high
https://www.osler.com/Osler/css/bootstrap-accessibility-plugin.min.css	false		high
https://www.osler.com/Osler/fonts/celeste-sans/bold/celestesanscomp-bold-webfont.woff2	false		high
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904137168&i=gtm&dwt=530&ive=blur	false		high
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&tag=DwellTime&ts=1713904115967&i=gtm&dwt=10239&ive=blur	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fabout-us&tag=DwellTime&ts=1713904128765&i=gtm&dwt=2792&ive=blur	false		high
https://www.osler.com/Osler/js/dist/datepicker/wet/css/event-cal-style.css	false		high
https://analytics.google.com/g/collect?v=2&tid=G-2XYX2S797K&gtm=45je44h0v898263613z8898501896za200&_p=1713904101416&gcd=13l3l3l3l1&npa=0&dma=0&cid=1593841297.1713904103&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&pscdl=noapi&sid=1713904103&sct=1&seg=0&dl=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome&dt=Osler%2C%20Hoskin%20%26%20Harcourt%20LLP%20%7C%20Business%20Law%20Firm&_s=2&tfd=12102	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904137183&i=gtm&dwt=12&ive=webkitHidden	false		high
https://www.osler.com/osler/media/Osler/Content/Images/Tile-400x350/GettyImages-917750358-400x350px-lights.jpg?ext=.jpg	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fhome%23main&tag=DwellTime&ts=1713904122825&i=gtm&dwt=1928&ive=blur	false		high
https://www.osler.com/osler/media/Osler/Content/Images/Tile-700x350/Federal-Budget-2024-700x350.jpg?ext=.jpg	false		high
https://www.osler.com/osler/media/Osler/Content/Images/Tile-700x350/700x350-dealpoints-2024.png?ext=.png	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?j=1&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us&tag=DwellTime&ts=1713904140732&i=gtm&dwt=3548&ive=blur	false		high
https://cdn.cookielaw.org/scripttemplates/202308.1.0/assets/otCommonStyles.css	false		high
https://q.quora.com/_/ad/1d539869a4ba46ddbd0c2051a332bce8/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fwww.osler.com%2Fen%2Fcontact-us	false		high
https://www.clarity.ms/tag/uet/134024834	false	Avira URL Cloud: safe	unknown
https://a.docusign.com/ds_arya_wrapper.min.js?f=1	false		high
https://www.osler.com/osler/media/Osler/Content/Email/Email-Icon.svg	false		high
https://www.osler.com/en/home#main	false		high
https://td.doubleclick.net/td/ga/rul?tid=G-2XYX2S797K&gacid=1593841297.1713904103&gtm=45je44h0v898263613z8898501896za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&z=701014799	false		high

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
http://fontawesome.io	chromecache_266.2.dr	false		high
https://stats.g.doubleclick.net/g/collect	chromecache_216.2.dr	false		high
https://github.com/zloirock/core-js	chromecache_257.2.dr	false		high
https://ampcid.google.com/v1/publisher:getClientId	chromecache_188.2.dr	false		high
https://q.quora.com/_/ad/	chromecache_276.2.dr	false		high
https://www.osler.com/en/privacy	chromecache_183.2.dr	false		high
https://www.google.com	chromecache_276.2.dr	false		high
https://www.youtube.com/iframe_api	chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	false		high
https://github.com/zloirock/core-js/blob/v3.25.2/LICENSE	chromecache_257.2.dr	false		high
https://github.com/kriskowal/es5-shim/blob/master/es5-shim.js	chromecache_237.2.dr	false		high
https://stats.g.doubleclick.net/j/collect	chromecache_188.2.dr	false		high
http://dbj.org/dbj/?p=286	chromecache_228.2.dr	false	URL Reputation: safe	unknown
https://github.com/microsoft/clarity	chromecache_315.2.dr, chromecache_224.2.dr	false		high
https://www.osler.com/osler/media/Osler/Content/Images/logo-200x200.jpg?ext=.jpg	chromecache_280.2.dr, chromecache_330.2.dr	false		high
https://www.instagram.com/osler_law/	chromecache_330.2.dr	false		high
https://adservice.google.com/pagead/regclk	chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	false		high
http://opensource.org/licenses/GPL-2.0	chromecache_227.2.dr	false		high
https://cct.google/taggy/agent.js	chromecache_211.2.dr, chromecache_216.2.dr, chromecache_276.2.dr	false	URL Reputation: safe	unknown
https://www.linkedin.com/company/osler-hoskin-&-harcourt-llp	chromecache_330.2.dr	false		high
http://dean.edwards.name/weblog/2005/10/add-event/	chromecache_228.2.dr	false	URL Reputation: safe	unknown
https://stats.g.doubleclick.net/j/collect?	chromecache_349.2.dr	false		high
https://www.google.%/ads/ga-audiences	chromecache_188.2.dr	false	URL Reputation: safe	low
https://github.com/twbs/bootstrap/blob/master/LICENSE)	chromecache_322.2.dr	false		high
https://stats.g.doubleclick.net/g/collect?v=2&	chromecache_216.2.dr	false		high
https://a.quora.com/qevents.js	chromecache_211.2.dr, chromecache_276.2.dr	false		high
https://www.gettyimages.com/eula?utm_medium=organic&utm_source=google&utm_campaign=iptcurl8BIM	chromecache_217.2.dr, chromecache_265.2.dr, chromecache_312.2.dr, chromecache_274.2.dr, chromecache_194.2.dr, chromecache_215.2.dr	false		high
http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/	chromecache_228.2.dr	false		high
https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck	chromecache_243.2.dr, chromecache_185.2.dr	false	URL Reputation: safe	unknown
https://www.osler.com/fr/bureaux	chromecache_280.2.dr	false		high
https://gist.github.com/1930440	chromecache_228.2.dr	false		high
https://www.clarity.ms/tag/uet/	chromecache_279.2.dr	false	URL Reputation: safe	unknown
http://www.osler.com/en/about-us	chromecache_330.2.dr	false		high
http://opensource.org/licenses/BSD-2-Clause	chromecache_227.2.dr	false		high
http://stackoverflow.com/questions/11191746/should-role-contentinfo-be-always-added-on-footer-elemen	chromecache_280.2.dr, chromecache_330.2.dr	false		high
https://www.osler.com/fr/a-propos-de-nous	chromecache_330.2.dr	false		high
https://www.google.%/ads/ga-audiences?	chromecache_349.2.dr	false	URL Reputation: safe	low
http://documentcloud.github.com/underscore/	chromecache_228.2.dr	false		high
https://cdn.cookielaw.org/vendorlist/googleData.json	chromecache_243.2.dr, chromecache_185.2.dr	false		high
https://cdn.cookielaw.org/vendorlist/iabData.json	chromecache_243.2.dr, chromecache_185.2.dr	false		high
https://www.google.com/analytics/web/inpage/pub/inpage.js?	chromecache_349.2.dr	false		high
https://cdn.cookielaw.org/vendorlist/iab2Data.json	chromecache_243.2.dr, chromecache_185.2.dr	false		high

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
74.125.138.157	stats.g.doubleclick.net	United States	15169	GOOGLEUS	false
35.186.241.51	unknown	United States	15169	GOOGLEUS	false
13.107.246.41	part-0013.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.19.177.52	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
74.125.136.106	www.google.com	United States	15169	GOOGLEUS	false
104.18.32.137	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
54.186.38.246	arya-1323461286.us-west-2.elb.amazonaws.com	United States	16509	AMAZON-02US	false
52.85.132.14	static-cdn.hotjar.com	United States	16509	AMAZON-02US	false
172.217.215.156	td.doubleclick.net	United States	15169	GOOGLEUS	false
104.19.178.52	unknown	United States	13335	CLOUDFLARENETUS	false
52.200.166.19	unknown	United States	14618	AMAZON-AESUS	false
172.64.155.119	unknown	United States	13335	CLOUDFLARENETUS	false
35.190.25.25	api.mixpanel.com	United States	15169	GOOGLEUS	false
52.45.52.13	q.quora.com	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
99.84.191.81	script.hotjar.com	United States	16509	AMAZON-02US	false
13.107.213.51	part-0023.t-0009.t-msedge.net	United States	8068	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.251.15.138	analytics.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.4

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1430579
Start date and time:	2024-04-23 22:26:54 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 5s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	8
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	CLEAN
Classification:	clean0.win@22/301@60/19
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://www.osler.com/ Browse: https://www.osler.com/en/home#main Browse: https://www.osler.com/en/about-us Browse: https://www.osler.com/en/contact-us Browse: https://www.osler.com/en/offices

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 142.250.105.94, 142.250.105.139, 142.250.105.101, 142.250.105.100, 142.250.105.102, 142.250.105.113, 142.250.105.138, 142.250.105.84, 34.104.35.123, 162.248.185.181, 23.223.31.252, 23.223.31.199, 184.25.164.153, 162.248.185.182, 64.233.177.95, 172.253.124.95, 173.194.219.95, 142.250.105.95, 74.125.136.95, 108.177.122.95, 142.251.15.95, 142.250.9.95, 172.217.215.95, 64.233.176.95, 74.125.138.95, 64.233.185.95, 40.127.169.103, 23.45.13.184, 23.45.13.176, 23.45.13.145, 23.45.13.185, 23.45.13.171, 192.229.211.108, 13.85.23.206, 52.165.164.15, 172.253.124.97, 162.159.153.247, 162.159.152.17, 13.107.21.237, 204.79.197.237, 74.125.136.102, 74.125.136.100, 74.125.136.101, 74.125.136.113, 74.125.136.138, 74.125.136.139, 173.194.219.97, 142.250.9.102, 142.250.9.113, 142.250.9.101, 142.250.9.139, 142.250.9.138, 142.250.9.100, 52.184.204.244, 20.110.205.119, 20.12.23.50, 13.85.23.86
Excluded domains from analysis (whitelisted): na2.docusign.net.akadns.net, bat-bing-com.dual-a-0034.a-msedge.net, slscr.update.microsoft.com, c-msn-com-nsatc.trafficmanager.net, clientservices.googleapis.com, a767.dspw65.akamai.net, a.quora.com.cdn.cloudflare.net, vmss-clarity-ingest-eus2-f.eastus2.cloudapp.azure.com, e5048.dsca.akamaiedge.net, a1737.b.akamai.net, clients2.google.com, ocsp.digicert.com, www.googletagmanager.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, bat.bing.com, update.googleapis.com, azurefd-t-prod.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net, www.google-analytics.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, ajax.googleapis.com, c-bing-com.dual-a-0034.a-msedge.net, na2-ch.docusign.net.akadns.net, ctldl.windowsupdate.com, docucdn-a.akamaihd.net.edgesuite.net, wu-bg-shim.trafficmanager.net, download.windowsupdate.com.edgesuite.net, fe3cr.delivery.mp.microsoft.com, ssl.google-analytics.com, fe
HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtSetInformationFile calls found.
VT rate limit hit for: https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with no line terminators
Category:	downloaded
Size (bytes):	16
Entropy (8bit):	3.75
Encrypted:	false
SSDEEP:	3:HFjRn:hRn
MD5:	C9785540787087E135E2E3256D4128E6
SHA1:	41BD40CDDBF7127B59A6D093F72D6EF7AC2E45D4
SHA-256:	ADB38815ED6BC0240FFD0E7299D9CFA5860D5C662C7C2B4DAE11EF97EC951B05
SHA-512:	6B30566B0D5AEA45E318E7FF711E7BD4873933FB61C438B3F3C1ED46D81BF2AA1AB5EAB72EE3E2577E5785DADB479670157A0332AE9775AFD18DA77FAB0005B2
Malicious:	false
Reputation:	low
URL:	https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAn3qRtDfMoshxIFDaLAi2s=?alt=proto
Preview:	CgkKBw2iwItrGgA=

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Apr 23, 2024 22:27:51.031783104 CEST	53	51902	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:51.068391085 CEST	53	53566	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:51.674998999 CEST	53	60050	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:51.889106989 CEST	49780	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:51.889384031 CEST	61996	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:53.776456118 CEST	62348	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:53.776702881 CEST	56279	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:53.881403923 CEST	53	62348	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:53.881664038 CEST	53	56279	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:54.000164986 CEST	57329	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:54.000333071 CEST	55888	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:54.001612902 CEST	64751	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:54.001899004 CEST	64992	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:54.108468056 CEST	53	64751	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:54.108623981 CEST	53	64992	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:54.593266010 CEST	59966	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:54.593755007 CEST	64343	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:54.760780096 CEST	61568	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:54.761460066 CEST	51225	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:54.866625071 CEST	53	51225	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:54.868191957 CEST	53	61568	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:56.017302990 CEST	62440	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:56.017302990 CEST	50555	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:56.122150898 CEST	53	62440	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:56.122165918 CEST	53	50555	1.1.1.1	192.168.2.4
Apr 23, 2024 22:27:59.549472094 CEST	58126	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:27:59.549869061 CEST	52809	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:00.265985012 CEST	53089	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:00.266494036 CEST	55479	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:00.297405005 CEST	64755	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:00.297610044 CEST	53108	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:02.473500967 CEST	53	57581	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:07.973135948 CEST	138	138	192.168.2.4	192.168.2.255
Apr 23, 2024 22:28:09.394845009 CEST	53	57388	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:19.161559105 CEST	64582	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:19.161679983 CEST	54508	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:20.719441891 CEST	63540	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:20.719825029 CEST	53361	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:20.824660063 CEST	53	63540	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:20.825059891 CEST	53	53361	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:21.824724913 CEST	50050	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:21.825193882 CEST	51722	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:21.828212976 CEST	64794	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:21.828366995 CEST	56562	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:21.929795027 CEST	53	51722	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:21.930294037 CEST	53	50050	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:21.933558941 CEST	53	56562	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:21.935313940 CEST	53	64794	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:21.968058109 CEST	53	54945	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:21.969948053 CEST	53	57093	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:22.170758009 CEST	59242	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:22.171051979 CEST	53578	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:22.429497004 CEST	57235	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:22.429636002 CEST	53971	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:22.534487009 CEST	53	57235	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:22.536289930 CEST	53	53971	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.041984081 CEST	63197	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.042268038 CEST	56630	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.045011997 CEST	56395	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.045156956 CEST	50017	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.072580099 CEST	64124	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.072777033 CEST	54634	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.150547028 CEST	53	50017	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.150701046 CEST	53	56395	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.174252987 CEST	53	60011	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.175471067 CEST	53	53706	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.177613974 CEST	53	64124	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.197045088 CEST	53	54634	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.654593945 CEST	63304	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.654872894 CEST	57020	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.760298014 CEST	53	63304	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.760783911 CEST	53	57020	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.873759031 CEST	62060	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.873887062 CEST	54621	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:23.979094028 CEST	53	62060	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:23.979137897 CEST	53	54621	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:24.058386087 CEST	50989	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:24.058532953 CEST	50890	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:24.059093952 CEST	56916	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:24.059535027 CEST	59717	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:24.084196091 CEST	55959	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:24.084335089 CEST	57702	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:24.163414001 CEST	53	50989	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:24.163475037 CEST	53	50890	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:24.163928032 CEST	53	56916	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:24.164248943 CEST	53	59717	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:24.179017067 CEST	52109	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:24.179197073 CEST	65275	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:24.189511061 CEST	53	55959	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:24.189647913 CEST	53	57702	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:24.222574949 CEST	53	59606	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:24.392930984 CEST	53	56848	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:26.438774109 CEST	62132	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:26.438874006 CEST	52610	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:26.478614092 CEST	55385	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:26.478950977 CEST	56453	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:26.545591116 CEST	53	52610	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:26.588042021 CEST	53	56453	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:26.878587008 CEST	53	53422	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:28.311301947 CEST	53	54661	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:29.181853056 CEST	50358	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:29.182645082 CEST	53297	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:28:29.288846970 CEST	53	53297	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:49.799587965 CEST	53	51228	1.1.1.1	192.168.2.4
Apr 23, 2024 22:28:52.902920961 CEST	53	50182	1.1.1.1	192.168.2.4
Apr 23, 2024 22:29:02.607659101 CEST	57151	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:29:02.608603001 CEST	54494	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:29:03.358707905 CEST	61938	53	192.168.2.4	1.1.1.1
Apr 23, 2024 22:29:03.358916044 CEST	51238	53	192.168.2.4	1.1.1.1

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Apr 23, 2024 22:27:51.995122910 CEST	1.1.1.1	192.168.2.4	0xbaa8	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:51.996400118 CEST	1.1.1.1	192.168.2.4	0x5fba	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:53.881403923 CEST	1.1.1.1	192.168.2.4	0x89ef	No error (0)	www.google.com		74.125.136.106	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:53.881403923 CEST	1.1.1.1	192.168.2.4	0x89ef	No error (0)	www.google.com		74.125.136.147	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:53.881403923 CEST	1.1.1.1	192.168.2.4	0x89ef	No error (0)	www.google.com		74.125.136.105	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:53.881403923 CEST	1.1.1.1	192.168.2.4	0x89ef	No error (0)	www.google.com		74.125.136.104	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:53.881403923 CEST	1.1.1.1	192.168.2.4	0x89ef	No error (0)	www.google.com		74.125.136.99	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:53.881403923 CEST	1.1.1.1	192.168.2.4	0x89ef	No error (0)	www.google.com		74.125.136.103	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:53.881664038 CEST	1.1.1.1	192.168.2.4	0x862a	No error (0)	www.google.com			65	IN (0x0001)	false
Apr 23, 2024 22:27:54.106678963 CEST	1.1.1.1	192.168.2.4	0x782e	No error (0)	docucdn-a.akamaihd.net	docucdn-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:54.107203007 CEST	1.1.1.1	192.168.2.4	0xdaa3	No error (0)	docucdn-a.akamaihd.net	docucdn-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:54.108468056 CEST	1.1.1.1	192.168.2.4	0x45e3	No error (0)	a.docusign.com	arya-1323461286.us-west-2.elb.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:54.108468056 CEST	1.1.1.1	192.168.2.4	0x45e3	No error (0)	arya-1323461286.us-west-2.elb.amazonaws.com		54.186.38.246	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:54.108468056 CEST	1.1.1.1	192.168.2.4	0x45e3	No error (0)	arya-1323461286.us-west-2.elb.amazonaws.com		35.162.217.246	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:54.108468056 CEST	1.1.1.1	192.168.2.4	0x45e3	No error (0)	arya-1323461286.us-west-2.elb.amazonaws.com		54.148.51.66	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:54.108623981 CEST	1.1.1.1	192.168.2.4	0xc6fa	No error (0)	a.docusign.com	arya-1323461286.us-west-2.elb.amazonaws.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:54.698997021 CEST	1.1.1.1	192.168.2.4	0x3cf	No error (0)	docucdn-a.akamaihd.net	docucdn-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:54.699796915 CEST	1.1.1.1	192.168.2.4	0xc9a4	No error (0)	docucdn-a.akamaihd.net	docucdn-a.akamaihd.net.edgesuite.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:54.868191957 CEST	1.1.1.1	192.168.2.4	0x698d	No error (0)	api.mixpanel.com		35.190.25.25	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:54.868191957 CEST	1.1.1.1	192.168.2.4	0x698d	No error (0)	api.mixpanel.com		35.186.241.51	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:54.868191957 CEST	1.1.1.1	192.168.2.4	0x698d	No error (0)	api.mixpanel.com		107.178.240.159	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:54.868191957 CEST	1.1.1.1	192.168.2.4	0x698d	No error (0)	api.mixpanel.com		130.211.34.183	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:56.122150898 CEST	1.1.1.1	192.168.2.4	0xd2c6	No error (0)	api.mixpanel.com		35.186.241.51	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:56.122150898 CEST	1.1.1.1	192.168.2.4	0xd2c6	No error (0)	api.mixpanel.com		107.178.240.159	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:56.122150898 CEST	1.1.1.1	192.168.2.4	0xd2c6	No error (0)	api.mixpanel.com		35.190.25.25	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:56.122150898 CEST	1.1.1.1	192.168.2.4	0xd2c6	No error (0)	api.mixpanel.com		130.211.34.183	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:27:59.654355049 CEST	1.1.1.1	192.168.2.4	0x26e8	No error (0)	cdn.optimizely.com	cdn.o6.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:27:59.656064034 CEST	1.1.1.1	192.168.2.4	0x72d8	No error (0)	cdn.optimizely.com	cdn.o6.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:00.373120070 CEST	1.1.1.1	192.168.2.4	0x5afd	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:00.373415947 CEST	1.1.1.1	192.168.2.4	0x3600	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:00.402604103 CEST	1.1.1.1	192.168.2.4	0x5eb2	No error (0)	cdn.optimizely.com	cdn.o6.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:00.403568983 CEST	1.1.1.1	192.168.2.4	0x5c3d	No error (0)	cdn.optimizely.com	cdn.o6.edgekey.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:07.173983097 CEST	1.1.1.1	192.168.2.4	0x7d4a	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:07.173983097 CEST	1.1.1.1	192.168.2.4	0x7d4a	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:19.341131926 CEST	1.1.1.1	192.168.2.4	0xd38f	No error (0)	www.osler.com	prodoslercom.azurefd.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:19.341131926 CEST	1.1.1.1	192.168.2.4	0xd38f	No error (0)	prodoslercom.azurefd.net	azurefd-t-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:19.354526043 CEST	1.1.1.1	192.168.2.4	0x8c27	No error (0)	www.osler.com	prodoslercom.azurefd.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:19.354526043 CEST	1.1.1.1	192.168.2.4	0x8c27	No error (0)	prodoslercom.azurefd.net	azurefd-t-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:19.354526043 CEST	1.1.1.1	192.168.2.4	0x8c27	No error (0)	shed.dual-low.part-0013.t-0009.t-msedge.net	part-0013.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:19.354526043 CEST	1.1.1.1	192.168.2.4	0x8c27	No error (0)	part-0013.t-0009.t-msedge.net		13.107.246.41	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:19.354526043 CEST	1.1.1.1	192.168.2.4	0x8c27	No error (0)	part-0013.t-0009.t-msedge.net		13.107.213.41	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:19.491473913 CEST	1.1.1.1	192.168.2.4	0x1067	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:19.491473913 CEST	1.1.1.1	192.168.2.4	0x1067	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:20.824660063 CEST	1.1.1.1	192.168.2.4	0xfba5	No error (0)	cdn.cookielaw.org		104.19.177.52	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:20.824660063 CEST	1.1.1.1	192.168.2.4	0xfba5	No error (0)	cdn.cookielaw.org		104.19.178.52	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:20.825059891 CEST	1.1.1.1	192.168.2.4	0x22a8	No error (0)	cdn.cookielaw.org			65	IN (0x0001)	false
Apr 23, 2024 22:28:21.929795027 CEST	1.1.1.1	192.168.2.4	0xbc8c	No error (0)	geolocation.onetrust.com			65	IN (0x0001)	false
Apr 23, 2024 22:28:21.930294037 CEST	1.1.1.1	192.168.2.4	0x6a55	No error (0)	geolocation.onetrust.com		104.18.32.137	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:21.930294037 CEST	1.1.1.1	192.168.2.4	0x6a55	No error (0)	geolocation.onetrust.com		172.64.155.119	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:21.933558941 CEST	1.1.1.1	192.168.2.4	0xbcb9	No error (0)	cdn.cookielaw.org			65	IN (0x0001)	false
Apr 23, 2024 22:28:21.935313940 CEST	1.1.1.1	192.168.2.4	0x8287	No error (0)	cdn.cookielaw.org		104.19.178.52	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:21.935313940 CEST	1.1.1.1	192.168.2.4	0x8287	No error (0)	cdn.cookielaw.org		104.19.177.52	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:22.377135038 CEST	1.1.1.1	192.168.2.4	0x231f	No error (0)	www.osler.com	prodoslercom.azurefd.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:22.377135038 CEST	1.1.1.1	192.168.2.4	0x231f	No error (0)	prodoslercom.azurefd.net	azurefd-t-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:22.393066883 CEST	1.1.1.1	192.168.2.4	0x9e02	No error (0)	www.osler.com	prodoslercom.azurefd.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:22.393066883 CEST	1.1.1.1	192.168.2.4	0x9e02	No error (0)	prodoslercom.azurefd.net	azurefd-t-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:22.393066883 CEST	1.1.1.1	192.168.2.4	0x9e02	No error (0)	shed.dual-low.part-0013.t-0009.t-msedge.net	part-0013.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:22.393066883 CEST	1.1.1.1	192.168.2.4	0x9e02	No error (0)	part-0013.t-0009.t-msedge.net		13.107.246.41	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:22.393066883 CEST	1.1.1.1	192.168.2.4	0x9e02	No error (0)	part-0013.t-0009.t-msedge.net		13.107.213.41	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:22.534487009 CEST	1.1.1.1	192.168.2.4	0x57a	No error (0)	geolocation.onetrust.com		172.64.155.119	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:22.534487009 CEST	1.1.1.1	192.168.2.4	0x57a	No error (0)	geolocation.onetrust.com		104.18.32.137	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:22.536289930 CEST	1.1.1.1	192.168.2.4	0xc2e6	No error (0)	geolocation.onetrust.com			65	IN (0x0001)	false
Apr 23, 2024 22:28:23.147561073 CEST	1.1.1.1	192.168.2.4	0x569	No error (0)	a.quora.com	a.quora.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:23.150562048 CEST	1.1.1.1	192.168.2.4	0x2299	No error (0)	a.quora.com	a.quora.com.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:23.150701046 CEST	1.1.1.1	192.168.2.4	0x6a2b	No error (0)	q.quora.com		52.45.52.13	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.150701046 CEST	1.1.1.1	192.168.2.4	0x6a2b	No error (0)	q.quora.com		52.200.166.19	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.150701046 CEST	1.1.1.1	192.168.2.4	0x6a2b	No error (0)	q.quora.com		52.200.154.95	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.150701046 CEST	1.1.1.1	192.168.2.4	0x6a2b	No error (0)	q.quora.com		52.3.212.252	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.150701046 CEST	1.1.1.1	192.168.2.4	0x6a2b	No error (0)	q.quora.com		52.21.40.167	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.177613974 CEST	1.1.1.1	192.168.2.4	0x8b72	No error (0)	static.hotjar.com	static-cdn.hotjar.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:23.177613974 CEST	1.1.1.1	192.168.2.4	0x8b72	No error (0)	static-cdn.hotjar.com		52.85.132.14	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.177613974 CEST	1.1.1.1	192.168.2.4	0x8b72	No error (0)	static-cdn.hotjar.com		52.85.132.25	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.177613974 CEST	1.1.1.1	192.168.2.4	0x8b72	No error (0)	static-cdn.hotjar.com		52.85.132.15	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.177613974 CEST	1.1.1.1	192.168.2.4	0x8b72	No error (0)	static-cdn.hotjar.com		52.85.132.5	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.197045088 CEST	1.1.1.1	192.168.2.4	0xd80	No error (0)	static.hotjar.com	static-cdn.hotjar.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:23.760298014 CEST	1.1.1.1	192.168.2.4	0x12aa	No error (0)	q.quora.com		52.200.166.19	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.760298014 CEST	1.1.1.1	192.168.2.4	0x12aa	No error (0)	q.quora.com		52.21.40.167	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.760298014 CEST	1.1.1.1	192.168.2.4	0x12aa	No error (0)	q.quora.com		52.3.212.252	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.760298014 CEST	1.1.1.1	192.168.2.4	0x12aa	No error (0)	q.quora.com		52.200.154.95	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.760298014 CEST	1.1.1.1	192.168.2.4	0x12aa	No error (0)	q.quora.com		52.45.52.13	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.979094028 CEST	1.1.1.1	192.168.2.4	0xe37	No error (0)	script.hotjar.com		99.84.191.81	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.979094028 CEST	1.1.1.1	192.168.2.4	0xe37	No error (0)	script.hotjar.com		99.84.191.41	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.979094028 CEST	1.1.1.1	192.168.2.4	0xe37	No error (0)	script.hotjar.com		99.84.191.43	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:23.979094028 CEST	1.1.1.1	192.168.2.4	0xe37	No error (0)	script.hotjar.com		99.84.191.77	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163414001 CEST	1.1.1.1	192.168.2.4	0xcdc8	No error (0)	analytics.google.com		142.251.15.138	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163414001 CEST	1.1.1.1	192.168.2.4	0xcdc8	No error (0)	analytics.google.com		142.251.15.102	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163414001 CEST	1.1.1.1	192.168.2.4	0xcdc8	No error (0)	analytics.google.com		142.251.15.139	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163414001 CEST	1.1.1.1	192.168.2.4	0xcdc8	No error (0)	analytics.google.com		142.251.15.113	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163414001 CEST	1.1.1.1	192.168.2.4	0xcdc8	No error (0)	analytics.google.com		142.251.15.100	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163414001 CEST	1.1.1.1	192.168.2.4	0xcdc8	No error (0)	analytics.google.com		142.251.15.101	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163928032 CEST	1.1.1.1	192.168.2.4	0xc441	No error (0)	stats.g.doubleclick.net		74.125.138.157	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163928032 CEST	1.1.1.1	192.168.2.4	0xc441	No error (0)	stats.g.doubleclick.net		74.125.138.156	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163928032 CEST	1.1.1.1	192.168.2.4	0xc441	No error (0)	stats.g.doubleclick.net		74.125.138.154	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.163928032 CEST	1.1.1.1	192.168.2.4	0xc441	No error (0)	stats.g.doubleclick.net		74.125.138.155	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.189511061 CEST	1.1.1.1	192.168.2.4	0x7962	No error (0)	td.doubleclick.net		172.217.215.156	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.189511061 CEST	1.1.1.1	192.168.2.4	0x7962	No error (0)	td.doubleclick.net		172.217.215.154	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.189511061 CEST	1.1.1.1	192.168.2.4	0x7962	No error (0)	td.doubleclick.net		172.217.215.155	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.189511061 CEST	1.1.1.1	192.168.2.4	0x7962	No error (0)	td.doubleclick.net		172.217.215.157	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.284039974 CEST	1.1.1.1	192.168.2.4	0x6bb2	No error (0)	www.clarity.ms	clarity.azurefd.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:24.284039974 CEST	1.1.1.1	192.168.2.4	0x6bb2	No error (0)	clarity.azurefd.net	azurefd-t-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:24.284039974 CEST	1.1.1.1	192.168.2.4	0x6bb2	No error (0)	shed.dual-low.part-0023.t-0009.t-msedge.net	part-0023.t-0009.t-msedge.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:24.284039974 CEST	1.1.1.1	192.168.2.4	0x6bb2	No error (0)	part-0023.t-0009.t-msedge.net		13.107.213.51	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.284039974 CEST	1.1.1.1	192.168.2.4	0x6bb2	No error (0)	part-0023.t-0009.t-msedge.net		13.107.246.51	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:28:24.284591913 CEST	1.1.1.1	192.168.2.4	0x3e9d	No error (0)	www.clarity.ms	clarity.azurefd.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:24.284591913 CEST	1.1.1.1	192.168.2.4	0x3e9d	No error (0)	clarity.azurefd.net	azurefd-t-prod.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:26.544935942 CEST	1.1.1.1	192.168.2.4	0x5e06	No error (0)	n.clarity.ms	vmss-clarity-ingest-eus2-f.eastus2.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:26.545591116 CEST	1.1.1.1	192.168.2.4	0x53da	No error (0)	n.clarity.ms	vmss-clarity-ingest-eus2-f.eastus2.cloudapp.azure.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:26.584449053 CEST	1.1.1.1	192.168.2.4	0xbc7e	No error (0)	c.clarity.ms	c.msn.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:26.584449053 CEST	1.1.1.1	192.168.2.4	0xbc7e	No error (0)	c.msn.com	c-msn-com-nsatc.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:26.588042021 CEST	1.1.1.1	192.168.2.4	0xa140	No error (0)	c.clarity.ms	c.msn.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:26.588042021 CEST	1.1.1.1	192.168.2.4	0xa140	No error (0)	c.msn.com	c-msn-com-nsatc.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:29.286942959 CEST	1.1.1.1	192.168.2.4	0xe63c	No error (0)	c.clarity.ms	c.msn.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:29.286942959 CEST	1.1.1.1	192.168.2.4	0xe63c	No error (0)	c.msn.com	c-msn-com-nsatc.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:29.288846970 CEST	1.1.1.1	192.168.2.4	0x2ddb	No error (0)	c.clarity.ms	c.msn.com		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:29.288846970 CEST	1.1.1.1	192.168.2.4	0x2ddb	No error (0)	c.msn.com	c-msn-com-nsatc.trafficmanager.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:44.704142094 CEST	1.1.1.1	192.168.2.4	0x1356	No error (0)	fp2e7a.wpc.2be4.phicdn.net	fp2e7a.wpc.phicdn.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:28:44.704142094 CEST	1.1.1.1	192.168.2.4	0x1356	No error (0)	fp2e7a.wpc.phicdn.net		192.229.211.108	A (IP address)	IN (0x0001)	false
Apr 23, 2024 22:29:02.713659048 CEST	1.1.1.1	192.168.2.4	0x30f4	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:29:02.714306116 CEST	1.1.1.1	192.168.2.4	0x3bf3	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:29:03.464894056 CEST	1.1.1.1	192.168.2.4	0xb15b	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false
Apr 23, 2024 22:29:03.465152979 CEST	1.1.1.1	192.168.2.4	0xa947	No error (0)	na2.docusign.net	na2.docusign.net.akadns.net		CNAME (Canonical name)	IN (0x0001)	false

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:27:54 UTC	540	OUT	GET /ds_arya_wrapper.min.js?f=1 HTTP/1.1 Host: a.docusign.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://na2.docusign.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:27:54 UTC	313	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:27:54 GMT Content-Length: 631 Connection: close Server: DS-Arya Expires: Wed, 24 Apr 2024 20:27:54 GMT Cache-Control: max-age=86400 Set-Cookie: ds_a=1d8157cd-e01d-4aa0-9aec-ad2dbb46f761;Domain=.docusign.com;Max-Age=63072000;SameSite=None;Secure;Path=/;HttpOnly
2024-04-23 20:27:54 UTC	631	IN	Data Raw: 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 75 3d 74 68 69 73 3b 21 66 75 6e 63 74 69 6f 6e 28 6e 2c 74 2c 69 2c 66 2c 72 2c 65 2c 6f 29 7b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 64 65 66 69 6e 65 26 26 64 65 66 69 6e 65 2e 61 6d 64 29 72 65 74 75 72 6e 20 64 65 66 69 6e 65 28 6f 29 3b 66 26 26 66 5b 72 5d 3f 66 5b 72 5d 3d 6f 28 6e 2c 30 2c 21 30 2c 66 2c 72 2c 65 29 3a 75 5b 6e 5d 3d 6f 28 6e 2c 30 2c 21 30 2c 66 2c 72 2c 65 29 7d 28 22 44 53 5f 41 72 79 61 22 2c 30 2c 30 2c 75 2e 6d 6f 64 75 6c 65 2c 22 65 78 70 6f 72 74 73 22 2c 22 6c 65 6e 67 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 74 2c 69 2c 6e 2c 66 2c 72 2c 65 2c 6f 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 75 3d 7b 7d 2c 63 3d 28 73 28 66 75 6e 63 74 Data Ascii: (function(){var u=this;!function(n,t,i,f,r,e,o){if("function"==typeof define&&define.amd)return define(o);f&&f[r]?f[r]=o(n,0,!0,f,r,e):u[n]=o(n,0,!0,f,r,e)}("DS_Arya",0,0,u.module,"exports","length",function(t,i,n,f,r,e,o){"use strict";var u={},c=(s(funct

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:27:55 UTC	1091	OUT	GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGYwY2E0YmUyYzExOC0wOTNkMGRiY2RmYWYwNS0yNjAzMWU1MS0xNDAwMDAtMThmMGNhNGJlMmQxNzEiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713904074295 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://na2.docusign.net Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://na2.docusign.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:27:55 UTC	579	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: https://na2.docusign.net access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Tue, 23 Apr 2024 20:27:55 GMT Content-Length: 1 x-envoy-upstream-service-time: 0 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-23 20:27:55 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:27:55 UTC	1085	OUT	GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGYwY2E0YmUzMWQ3LTBlOWQ0ZDQ0YWY2NzktMjYwMzFlNTEtMTQwMDAwLTE4ZjBjYTRiZTMyMzAyIiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwibXBfcGFnZSI6ICJuYTIuZG9jdXNpZ24ubmV0IiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiNjI0NGJiOWUzMWRmNmQ4ZGNmOGM0MTM1ZGVmZTY0NjAifX0%3D&ip=1&_=1713904074298 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://na2.docusign.net Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://na2.docusign.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:27:55 UTC	579	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: https://na2.docusign.net access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Tue, 23 Apr 2024 20:27:55 GMT Content-Length: 1 x-envoy-upstream-service-time: 0 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-23 20:27:55 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:27:56 UTC	885	OUT	GET /track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRzY3JlZW5faGVpZ2h0IjogMTAyNCwiJHNjcmVlbl93aWR0aCI6IDEyODAsIm1wX2xpYiI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxOGYwY2E0YmUyYzExOC0wOTNkMGRiY2RmYWYwNS0yNjAzMWU1MS0xNDAwMDAtMThmMGNhNGJlMmQxNzEiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogIm5hMi5kb2N1c2lnbi5uZXQiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713904074295 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:27:56 UTC	556	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Tue, 23 Apr 2024 20:27:56 GMT Content-Length: 1 x-envoy-upstream-service-time: 0 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-23 20:27:56 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:27:56 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-23 20:27:56 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/079C) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-eus2-z1 Cache-Control: public, max-age=38162 Date: Tue, 23 Apr 2024 20:27:56 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:27:56 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-04-23 20:27:56 UTC	804	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (chd/0778) X-CID: 11 X-CCC: US X-Azure-Ref-OriginShield: Ref A: 52EA27DBDE0C4533B819423583F6692E Ref B: CH1AA2040902052 Ref C: 2023-07-09T23:10:08Z X-MSEdge-Ref: Ref A: 528BB8D443C042AA9AEA4EC3F75C7762 Ref B: CHI30EDGE0111 Ref C: 2023-07-09T23:11:11Z Content-Type: application/octet-stream X-Azure-Ref: 01uvbYwAAAACkqWtaEMjWQL/4cpisZkorTUVNMzBFREdFMDgxMQBjZWZjMjU4My1hOWIyLTQ0YTctOTc1NS1iNzZkMTdlMDVmN2Y= Cache-Control: public, max-age=38109 Date: Tue, 23 Apr 2024 20:27:56 GMT Content-Length: 55 Connection: close X-CID: 2
2024-04-23 20:27:56 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:02 UTC	3471	OUT	GET /track/?data=eyJldmVudCI6ICJDQyBSZWNpcGllbnQgVmlldyBTaWdudXAgRm9ybSIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJHNjcmVlbl9oZWlnaHQiOiAxMDI0LCIkc2NyZWVuX3dpZHRoIjogMTI4MCwibXBfbGliIjogIndlYiIsImRpc3RpbmN0X2lkIjogIjllZGZiODIzYTZhNWZmZWI4NmZkZDlkN2E3NWI4ZmFkNWJjMjI3OTkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJQYWdlIjogIlNpZ24gJiBSZXR1cm4gTW9kYWwiLCJIYXNoZWRFbWFpbCI6ICJiYTE4MTQ2ZDhlODAxMmUxOTE0Nzk5ODczMzk3YzIzYyIsIlBvc3QgU2lnbmluZyBEaWFsb2ciOiAiRG9uZSIsIkVudmVsb3BlIElEIjogIjBhYTYwNzdiOGVjOTAzNjAxNGZiYWE4NTU4ZTgxZjI4Mjc1YTUyM2IiLCJSZWNpcGllbnQgSUQiOiAiYmViMzJiMDY1MmZhODYzMzQzY2U1ZTRiMTYwN2JkMmMyMjQ5OGZmYyIsIlNpZ25lciBJRCI6ICI5ZWRmYjgyM2E2YTVmZmViODZmZGQ5ZDdhNzViOGZhZDViYzIyNzk5IiwiQnJvd3NlciBWZXJzaW9uIjogIkNocm9tZSAxMjMuMCIsIkZpZWxkcyBSZWNpcGllbnQiOiAiMiIsIkZpZWxkcyBFbnZlbG9wZSI6ICIyIiwiUmVxdWlyZWQgRmllbGRzIjogIjEiLCJMYW5ndWFnZSI6ICJlbiIsIlNpZ25pbmcgQWNjZXNzIjogIlJlbW90ZSIsIkF1dG9OYXYgUnVsZXMiOiAiRmllbGRzQWxsIiwiUmVjaXBpZW50cyI6ICIxIiwiUmVjaXBpZW50IFR5cGUiOiAiU2lnbmVyIiwiUmVjaXBpZW50cyBXb3JrZmxvdyI6ICIxIiwiU2VuZGVyIEFjY291bnQgSUQiOiAiOWNlZDk4ZmQyMjhlNjg5M2IxMWRjYTdjYjZiYTZkYTA0M2FjZjY4NyIsIkFjY291bnQgSUQiOiAiODkzZTJiNGE5MWFhMDYyNzQyOGRlNzlmMzIxNzkzNmM0MDZlYzEwYSIsIkJyYW5kZWQiOiB0cnVlLCJCcmFuZGVkIExvZ28iOiB0cnVlLCJCcmFuZGVkIENvbG9yIjogdHJ1ZSwiQnJhbmRlZCBGaWxlIjogZmFsc2UsIkNvbmNhdCBNb2RlIjogZmFsc2UsIkF0dGFjaG1lbnQgQWRkZWQiOiBmYWxzZSwiQXR0YWNobWVudCBDb3VudCI6IDAsIkF0dGFjaG1lbnQgTWV0aG9kIjogbnVsbCwiUGFnZXMiOiAiMTEiLCJEb2NzIjogIjMiLCJBdXRoZW50aWNhdGlvbiI6ICJOb25lIiwiTG9nZ2VkIEluIjogZmFsc2UsIkNvbnNlbnQgU2hvd24iOiBmYWxzZSwiQWNjb3VudCBIb2xkZXIiOiBmYWxzZSwiRmllbGQgU2lnbmF0dXJlIjogdHJ1ZSwiRmllbGQgSW5pdGlhbCI6IGZhbHNlLCJGaWVsZCBTdGFtcCI6IGZhbHNlLCJGaWVsZCBEYXRlIjogdHJ1ZSwiRmllbGQgVGV4dCI6IGZhbHNlLCJGaWVsZCBOYW1lIjogZmFsc2UsIkZpZWxkIENvbXBhbnkiOiBmYWxzZSwiRmllbGQgVGl0bGUiOiBmYWxzZSwiRmllbGQgRW1haWwiOiBmYWxzZSwiRmllbGQgQ2hlY2tib3giOiBmYWxzZSwiRmllbGQgUmFkaW8iOiBmYWxzZSwiRmllbGQgRHJvcGRvd24iOiBmYWxzZSwiRmllbGQgQXR0YWNobWVudCI6IGZhbHNlLCJGaWVsZCBOb3RlIjogZmFsc2UsIkZpZWxkIEFwcHJvdmUiOiBmYWxzZSwiRmllbGQgRGVjbGluZSI6IGZhbHNlLCJGaWVsZCBWaWV3IjogZmFsc2UsIkZpZWxkIEZvcm11bGEiOiBmYWxzZSwiVGVtcGxhdGUgVXNlZCI6IGZhbHNlLCJTdXBwbGVtZW50YWwgRG9jdW1lbnQgQ291bnQiOiAxLCJTdXBwbGVtZW50YWwgRG9jdW1lbnQgUmVxdWlyZW1lbnRzIjogIk5vSW50ZXJhY3Rpb24iLCJBdXRvQ29tcGxldGUgRW5hYmxlZCI6IGZhbHNlLCJwcm9kdWN0IGFyZWEiOiAiU2lnbmluZyIsIkRTX0EiOiAiMWQ4MTU3Y2QtZTAxZC00YWEwLTlhZWMtYWQyZGJiNDZmNzYxIiwiRnJlZWZvcm0iOiBmYWxzZSwiU2lnbmluZ0V4dGVuc2lvbnMiOiB0cnVlLCJCcm93c2VyIFdpZHRoIEluaXRpYWwiOiAxMjgwLCJCcm93c2VyIEhlaWdodCBJbml0aWFsIjogOTA3LCJCcm93c2VyIFdpZHRoIjogMTI4MCwiQnJvd3NlciBIZWlnaHQiOiA5MDcsIlNlc3Npb24gQWJvdXQgdG8gRXhwaXJlIENvdW50IjogMCwiVG9wIEZpbmlzaCBIaWRkZW4iOiBmYWxzZSwiUG93ZXJGb3JtIjogZmFsc2UsIkEvQiBUZXN0cyI6ICJpZnJhbWVsZXNzOiBtb2JpbGUiLCJQb3dlcmZvcm0gU2VuZGVyIjogZmFsc2UsIlBsYXRmb3JtIjogIldlYiBBcHAiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713904082133 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://na2.docusign.net Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://na2.docusign.net/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:28:03 UTC	580	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: https://na2.docusign.net access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Tue, 23 Apr 2024 20:28:03 GMT Content-Length: 1 x-envoy-upstream-service-time: 37 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-23 20:28:03 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:03 UTC	3265	OUT	GET /track/?data=eyJldmVudCI6ICJDQyBSZWNpcGllbnQgVmlldyBTaWdudXAgRm9ybSIsInByb3BlcnRpZXMiOiB7IiRvcyI6ICJXaW5kb3dzIiwiJGJyb3dzZXIiOiAiQ2hyb21lIiwiJHNjcmVlbl9oZWlnaHQiOiAxMDI0LCIkc2NyZWVuX3dpZHRoIjogMTI4MCwibXBfbGliIjogIndlYiIsImRpc3RpbmN0X2lkIjogIjllZGZiODIzYTZhNWZmZWI4NmZkZDlkN2E3NWI4ZmFkNWJjMjI3OTkiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJQYWdlIjogIlNpZ24gJiBSZXR1cm4gTW9kYWwiLCJIYXNoZWRFbWFpbCI6ICJiYTE4MTQ2ZDhlODAxMmUxOTE0Nzk5ODczMzk3YzIzYyIsIlBvc3QgU2lnbmluZyBEaWFsb2ciOiAiRG9uZSIsIkVudmVsb3BlIElEIjogIjBhYTYwNzdiOGVjOTAzNjAxNGZiYWE4NTU4ZTgxZjI4Mjc1YTUyM2IiLCJSZWNpcGllbnQgSUQiOiAiYmViMzJiMDY1MmZhODYzMzQzY2U1ZTRiMTYwN2JkMmMyMjQ5OGZmYyIsIlNpZ25lciBJRCI6ICI5ZWRmYjgyM2E2YTVmZmViODZmZGQ5ZDdhNzViOGZhZDViYzIyNzk5IiwiQnJvd3NlciBWZXJzaW9uIjogIkNocm9tZSAxMjMuMCIsIkZpZWxkcyBSZWNpcGllbnQiOiAiMiIsIkZpZWxkcyBFbnZlbG9wZSI6ICIyIiwiUmVxdWlyZWQgRmllbGRzIjogIjEiLCJMYW5ndWFnZSI6ICJlbiIsIlNpZ25pbmcgQWNjZXNzIjogIlJlbW90ZSIsIkF1dG9OYXYgUnVsZXMiOiAiRmllbGRzQWxsIiwiUmVjaXBpZW50cyI6ICIxIiwiUmVjaXBpZW50IFR5cGUiOiAiU2lnbmVyIiwiUmVjaXBpZW50cyBXb3JrZmxvdyI6ICIxIiwiU2VuZGVyIEFjY291bnQgSUQiOiAiOWNlZDk4ZmQyMjhlNjg5M2IxMWRjYTdjYjZiYTZkYTA0M2FjZjY4NyIsIkFjY291bnQgSUQiOiAiODkzZTJiNGE5MWFhMDYyNzQyOGRlNzlmMzIxNzkzNmM0MDZlYzEwYSIsIkJyYW5kZWQiOiB0cnVlLCJCcmFuZGVkIExvZ28iOiB0cnVlLCJCcmFuZGVkIENvbG9yIjogdHJ1ZSwiQnJhbmRlZCBGaWxlIjogZmFsc2UsIkNvbmNhdCBNb2RlIjogZmFsc2UsIkF0dGFjaG1lbnQgQWRkZWQiOiBmYWxzZSwiQXR0YWNobWVudCBDb3VudCI6IDAsIkF0dGFjaG1lbnQgTWV0aG9kIjogbnVsbCwiUGFnZXMiOiAiMTEiLCJEb2NzIjogIjMiLCJBdXRoZW50aWNhdGlvbiI6ICJOb25lIiwiTG9nZ2VkIEluIjogZmFsc2UsIkNvbnNlbnQgU2hvd24iOiBmYWxzZSwiQWNjb3VudCBIb2xkZXIiOiBmYWxzZSwiRmllbGQgU2lnbmF0dXJlIjogdHJ1ZSwiRmllbGQgSW5pdGlhbCI6IGZhbHNlLCJGaWVsZCBTdGFtcCI6IGZhbHNlLCJGaWVsZCBEYXRlIjogdHJ1ZSwiRmllbGQgVGV4dCI6IGZhbHNlLCJGaWVsZCBOYW1lIjogZmFsc2UsIkZpZWxkIENvbXBhbnkiOiBmYWxzZSwiRmllbGQgVGl0bGUiOiBmYWxzZSwiRmllbGQgRW1haWwiOiBmYWxzZSwiRmllbGQgQ2hlY2tib3giOiBmYWxzZSwiRmllbGQgUmFkaW8iOiBmYWxzZSwiRmllbGQgRHJvcGRvd24iOiBmYWxzZSwiRmllbGQgQXR0YWNobWVudCI6IGZhbHNlLCJGaWVsZCBOb3RlIjogZmFsc2UsIkZpZWxkIEFwcHJvdmUiOiBmYWxzZSwiRmllbGQgRGVjbGluZSI6IGZhbHNlLCJGaWVsZCBWaWV3IjogZmFsc2UsIkZpZWxkIEZvcm11bGEiOiBmYWxzZSwiVGVtcGxhdGUgVXNlZCI6IGZhbHNlLCJTdXBwbGVtZW50YWwgRG9jdW1lbnQgQ291bnQiOiAxLCJTdXBwbGVtZW50YWwgRG9jdW1lbnQgUmVxdWlyZW1lbnRzIjogIk5vSW50ZXJhY3Rpb24iLCJBdXRvQ29tcGxldGUgRW5hYmxlZCI6IGZhbHNlLCJwcm9kdWN0IGFyZWEiOiAiU2lnbmluZyIsIkRTX0EiOiAiMWQ4MTU3Y2QtZTAxZC00YWEwLTlhZWMtYWQyZGJiNDZmNzYxIiwiRnJlZWZvcm0iOiBmYWxzZSwiU2lnbmluZ0V4dGVuc2lvbnMiOiB0cnVlLCJCcm93c2VyIFdpZHRoIEluaXRpYWwiOiAxMjgwLCJCcm93c2VyIEhlaWdodCBJbml0aWFsIjogOTA3LCJCcm93c2VyIFdpZHRoIjogMTI4MCwiQnJvd3NlciBIZWlnaHQiOiA5MDcsIlNlc3Npb24gQWJvdXQgdG8gRXhwaXJlIENvdW50IjogMCwiVG9wIEZpbmlzaCBIaWRkZW4iOiBmYWxzZSwiUG93ZXJGb3JtIjogZmFsc2UsIkEvQiBUZXN0cyI6ICJpZnJhbWVsZXNzOiBtb2JpbGUiLCJQb3dlcmZvcm0gU2VuZGVyIjogZmFsc2UsIlBsYXRmb3JtIjogIldlYiBBcHAiLCJ0b2tlbiI6ICIzMDRjY2JkZTI0ZDNiMTVmZmUyZDVkZTMwYzEwZGFiMiJ9fQ%3D%3D&ip=1&_=1713904082133 HTTP/1.1 Host: api.mixpanel.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:28:03 UTC	557	IN	HTTP/1.1 200 OK access-control-allow-credentials: true access-control-allow-headers: X-Requested-With access-control-allow-methods: GET, POST, OPTIONS access-control-allow-origin: * access-control-expose-headers: X-MP-CE-Backoff access-control-max-age: 1728000 cache-control: no-cache, no-store content-type: application/json strict-transport-security: max-age=604800; includeSubDomains date: Tue, 23 Apr 2024 20:28:03 GMT Content-Length: 1 x-envoy-upstream-service-time: 12 server: envoy Via: 1.1 google Alt-Svc: clear Connection: close
2024-04-23 20:28:03 UTC	1	IN	Data Raw: 31 Data Ascii: 1

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (65447)
Category:	downloaded
Size (bytes):	136177
Entropy (8bit):	5.178504502403718
Encrypted:	false
SSDEEP:	1536:8prIg2sdtEyE4aoo/Iy4onqRmn4r4B52zqdiq85fhdsbPvLKaSlMaQLp9jU:AtcqoIzqdiqcsRSlMzY
MD5:	45E9F15CED8CBD83BCC82A5944B39B51
SHA1:	3ED7652897552ED89586170F19F38D05182007AA
SHA-256:	6536407B38F198296F45A08A4B01FB42F6F8138F158F4C75289EF10C53F8E3F4
SHA-512:	4C6A75B62BAE35D489E0AB39580D706EF1821A9F922C9BE18B4948DA4A698D9B644371EFC4A134B53E95407D71313A125BF1FED23CEEF9A3FC0C65CAD4563237
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.4.38-9/signing_iframeless_mobile.olive.js?cs=6967951d2ad3b4b0daf8
Preview:	/! For license information please see signing_iframeless_mobile.olive.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[3784],{483788:function(e){e.exports=function(e){function t(i){if(n[i])return n[i].exports;var o=n[i]={exports:{},id:i,loaded:!1};return e[i].call(o.exports,o,o.exports,t),o.loaded=!0,o.exports}var n={};return t.m=e,t.c=n,t.p="/",t(0)}([function(e,t,n){"use strict";n(1),n(2),n(3);var i=n(76);i.keys().forEach((function(e){i(e)}))},function(e,t,n){"use strict";!function(e,t){e.config={closePopoverOnEsc:!0,closePopoverOnClickAnywhere:!0,debug:!1,isAutoInitEnabled:!0},e.version="17.20.0",e.KEYS={tab:9,enter:13,esc:27,left:37,up:38,right:39,down:40},e.l10n={close:"Close",characterLimit:"{{REMAINING}} (maximum {{MAX}} characters)"},e.init=function(e){var t=[],n={add:function(e){return t.push(e),n},run:function(){var e;for(e=0;e<t.length;e++)t[e]();return n},afterLoad:function(){e.config.isAutoInitEnabled&&e.init.run(),e.util.polyfillFl

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced
Category:	downloaded
Size (bytes):	157684
Entropy (8bit):	7.996439784008411
Encrypted:	true
SSDEEP:	3072:Puger50MIxG6wEeqr3YvOUFK2EAMMEEFJwqnG70YpR:PugeF0MIU6fTr3UF/Tj+0c
MD5:	E639BA3E6DEFA15DF240DEA0BB8E130E
SHA1:	ADE632AD533FE91EEB7FA112BBC7DAE31AC99850
SHA-256:	B81B45671673BD9E7CCACCFCEA951EBA11A93297C4E17766B1118435A55D9771
SHA-512:	7B18B0180B0EA278AB3F4F099B9B6ADF5D1F717483DD83E1B377D503CF897CFE562F39290E79EF4F0A5FB25CCEA56B3F3BBA27865977C6B2751C688630AF7993
Malicious:	false
Reputation:	low
URL:	https://www.osler.com/osler/media/Osler/Content/Images/Tile-300x300/300x300-Elizabeth-Sale.png?ext=.png
Preview:	.PNG........IHDR...,...,........"....tEXtSoftware.Adobe ImageReadyq.e<...&iTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.f354efc70, 2023/11/09-12:05:53 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop 25.4 (Windows)" xmpMM:InstanceID="xmp.iid:E8849033FC0111EEA97AFD9CBBCAB39B" xmpMM:DocumentID="xmp.did:E8849034FC0111EEA97AFD9CBBCAB39B"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:E8849031FC0111EEA97AFD9CBBCAB39B" stRef:documentID="xmp.did:E8849032FC0111EEA97AFD9CBBCAB39B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>d.....ddIDATx..i.$Iv....c..m......X.AF....._..A..$3...(~....$.dF.d.i.(. .a0.1.p.....^n....=7"3#2#_.5.=..EFFF..s

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	Unicode text, UTF-8 text, with very long lines (37942), with LF, NEL line terminators
Category:	downloaded
Size (bytes):	168907
Entropy (8bit):	5.471593773106688
Encrypted:	false
SSDEEP:	1536:bW95pUq+jn+pal8Vip1xbpkYzo31lIRjsOM46WXPrcygsuiPyOESV72VQ3tYI:bznlPp/dkz6jJ76e72Vw+I
MD5:	D3CFD27D7C446BB6990F77270FE22618
SHA1:	968A527F295CEF9D789B3C1DC4B7805AFB948D0E
SHA-256:	A79F2067FCDCF733F15CF6773ADCDEBFC3CC7DDC1E86992DF70A4C76D7FAA743
SHA-512:	8C832B46F85A2EA89421C1F1E05F155D79E65FBDD90922E4AE88FAC8C1ADBC00C5849DED43FC2DE7E51486B8A1AEB4E467BCA40F3AF219D288AF670DD4493395
Malicious:	false
Reputation:	low
URL:	https://docucdn-a.akamaihd.net/production/1ds/widgets/@ds/signing/24.4.38-9/signing_iframeless_mobile.2492.js?cs=db236daf727ce4deba4a
Preview:	/! For license information please see signing_iframeless_mobile.2492.js.LICENSE.txt /.(self.webpackChunk_ds_signing=self.webpackChunk_ds_signing\|\|[]).push([[2492],{111328:function(t,e,r){var n=r(492784),i=r(582504),a="EN-US";function o(t){return n.currencies[t.toUpperCase()]\|\|""}function s(t,e){return i.formatNumber(t,i.getNumberFormat(e,n.numberFormats))}e.formatNumber=function(t,e){return s(t,e=e?i.unifyLocale(e):a)},e.formatCurrencyNumber=function(t,e,r,u){r=r?i.unifyLocale(r):a,e=e.toUpperCase();var c={num:s(t,r),sym:o(e),iso:e},l=i.getCurrencyFormat(e,r,n.currencyFormats);return l=u?l[1]:l[0],i.replacePlaceholders(l,c)},e.getSymbol=o},582504:function(t,e){e.unifyLocale=function(t){return t.replace("_","-").toUpperCase()},e.getNumberFormat=function t(e,r){var n=r[e]\|\|r.DEFAULT;if(!n)return{LEAD_SEP:"",GROUP_SEP:"",DECIMAL_SEP:".",DECIMAL_NUM:2};var i=n.split("\|");return 4!==i.length?t("DEFAULT",r):{LEAD_SEP:i[0],GROUP_SEP:i[1],DECIMAL_SEP:i[2],DECIMAL_NUM:parseInt(i[3])}},e.getCu

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ISO-8859 text, with CRLF line terminators
Category:	downloaded
Size (bytes):	3237
Entropy (8bit):	5.0247419289830715
Encrypted:	false
SSDEEP:	48:RqTXTiqTXT6CVo+pMMpbYLLlbYCpOqVDcqSgGm0wJGLH0N+IRoh6DQOdFGuES9r4:RqTXTiqTXTg3M4LpVUdm0wGLH0J+OLE
MD5:	82D39E05E3C85A7396329C92C3692DC4
SHA1:	5771C68E32F5C25F274FDAB38C1CAF276578F4D1
SHA-256:	ACE43A0FBBBFDF820ED7B226A6EFF09C8ABB1468C7854595ADC14CBA04D138B0
SHA-512:	7C04043C391CD1B6D9420794D6DA93F9E7AA2F0A27C9D2F9ABC7ECE3166DDE66C7A3BBE23012272B645126432A2309FFB4E652F17A1B45326562DC621F41158B
Malicious:	false
Reputation:	low
URL:	https://www.osler.com/Osler/js/dist/datepicker/wet/css/event-cal-style.css
Preview:	@charset "UTF-8";../.. Web Experience Toolkit (WET) / Bo.te . outils de l'exp.rience Web (BOEW).. * wet-boew.github.io/wet-boew/License-en.html / wet-boew.github.io/wet-boew/Licence-fr.html.. /.. @charset "UTF-8";../.. * Web Experience Toolkit (WET) / Bo.te . outils de l'exp.rience Web (BOEW).. * wet-boew.github.io/wet-boew/License-en.html / wet-boew.github.io/wet-boew/Licence-fr.html.. */...cal-cnt .cal-goto-mnth, .cal-cnt .cal-goto-yr, .cal-cnt .cal-goto-btn {.. position: relative;..}.....cal-cnt .cal-goto-mnth, .cal-cnt .cal-goto-yr, .cal-cnt .cal-goto-btn {.. display: inline-block;.. margin: 10px 5px;..}...wb-inv {...clip: rect(1px,1px,1px,1px);.. height: 1px;.. margin: 0;.. overflow: hidden;.. position: absolute;.. width: 1px;..}...cal-cnt .cal-hd, .cal-nxtmnth.active:hover,...cal-nxtmnth.active:focus,...cal-prvmnth.active:hover,...cal-prvmnth.active:focus, .cal-days .cal-currday {.. color: #fff;..}.....cal-cnt .cal-goto-lnk, .cal-days a:hover,...cal-days a

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:19 UTC	636	OUT	GET / HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:28:20 UTC	1034	IN	HTTP/1.1 302 Found Date: Tue, 23 Apr 2024 20:28:20 GMT Content-Type: text/html; charset=utf-8 Content-Length: 125 Connection: close Location: /en/home Set-Cookie: CMSPreferredCulture=en-CA; expires=Wed, 23-Apr-2025 20:28:19 GMT; path=/; HttpOnly Set-Cookie: lang=en-ca; expires=Wed, 23-Apr-2025 20:28:19 GMT; path=/; HttpOnly Set-Cookie: ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd;Path=/;HttpOnly;Secure;Domain=www.osler.com Set-Cookie: ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.osler.com X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET set-cookie: ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; Path=/; Secure; HttpOnly; set-cookie: ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; SameSite=none; Path=/; Secure; HttpOnly; x-azure-ref: 20240423T202819Z-16f56cb894fh4vxq7cm94bepdg000000019g00000000m3a4 X-Cache: CONFIG_NOCACHE
2024-04-23 20:28:20 UTC	125	IN	Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 32 3e 4f 62 6a 65 63 74 20 6d 6f 76 65 64 20 74 6f 20 3c 61 20 68 72 65 66 3d 22 2f 65 6e 2f 68 6f 6d 65 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 68 32 3e 0d 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a Data Ascii: <html><head><title>Object moved</title></head><body><h2>Object moved to <a href="/en/home">here</a>.</h2></body></html>

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:20 UTC	1012	OUT	GET /en/home HTTP/1.1 Host: www.osler.com Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c
2024-04-23 20:28:20 UTC	875	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:20 GMT Content-Type: text/html; charset=utf-8 Content-Length: 35610 Connection: close Cache-Control: no-cache, no-store, must-revalidate Expires: -1 Pragma: no-cache Set-Cookie: ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3; path=/; HttpOnly; SameSite=Lax Set-Cookie: lang=en-ca; expires=Wed, 23-Apr-2025 20:28:20 GMT; path=/; HttpOnly X-Frame-Options: SAMEORIGIN X-UA-Compatible: IE=Edge X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET set-cookie: ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; Path=/; Secure; HttpOnly; set-cookie: ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; SameSite=none; Path=/; Secure; HttpOnly; x-azure-ref: 20240423T202820Z-16f7b4795d4hbs9nymf33py59c00000005x0000000001p1q X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:20 UTC	13371	IN	Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0d 0a 3c 68 74 6d 6c 20 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 20 69 64 3d 22 68 65 61 64 22 3e 3c 74 69 74 6c 65 3e 0d 0a 09 4f 73 6c 65 72 2c 20 48 6f 73 6b 69 6e 20 26 61 6d 70 3b 20 48 61 72 63 6f 75 72 74 20 4c 4c 50 20 7c 20 42 75 73 69 6e 65 73 73 20 4c 61 77 20 46 69 72 6d 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 64 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 4f 73 6c 65 72 20 69 73 20 61 20 6c 65 61 64 69 6e 67 20 62 75 73 69 6e 65 73 73 20 6c 61 77 20 66 69 72 6d 20 70 72 61 63 74 69 73 69 6e 67 20 69 6e 74 65 72 6e 61 74 69 6f 6e 61 6c 6c 79 20 66 72 6f 6d 20 6f 66 66 69 63 65 73 20 61 63 72 6f 73 73 Data Ascii: <!DOCTYPE html><html lang="en" xml:lang="en"><head id="head"><title>Osler, Hoskin & Harcourt LLP \| Business Law Firm</title><meta name="description" content="Osler is a leading business law firm practising internationally from offices across
2024-04-23 20:28:20 UTC	4096	IN	Data Raw: 72 63 68 22 20 6f 6e 6b 65 79 70 72 65 73 73 3d 22 6a 61 76 61 73 63 72 69 70 74 3a 72 65 74 75 72 6e 20 57 65 62 46 6f 72 6d 5f 46 69 72 65 44 65 66 61 75 6c 74 42 75 74 74 6f 6e 28 65 76 65 6e 74 2c 20 26 23 33 39 3b 6f 66 66 63 61 6e 76 61 73 53 65 61 72 63 68 42 74 6e 26 23 33 39 3b 29 22 3e 0d 0a 09 0d 0a 09 3c 6c 61 62 65 6c 20 63 6c 61 73 73 3d 22 73 72 2d 6f 6e 6c 79 22 20 69 64 3d 22 6c 62 6c 48 65 61 64 65 72 4f 66 66 63 61 6e 76 61 73 53 65 61 72 63 68 4d 6f 62 69 6c 65 22 20 66 6f 72 3d 22 6f 66 66 63 61 6e 76 61 73 54 78 74 53 65 61 72 63 68 22 3e 53 65 61 72 63 68 20 74 68 65 20 73 69 74 65 3a 3c 2f 6c 61 62 65 6c 3e 0d 0a 0d 0a 20 20 20 3c 69 6e 70 75 74 20 6e 61 6d 65 3d 22 70 24 6c 74 24 63 74 6c 30 35 24 4d 6f 62 69 6c 65 4e 61 76 69 67 Data Ascii: rch" onkeypress="javascript:return WebForm_FireDefaultButton(event, 'offcanvasSearchBtn')"><label class="sr-only" id="lblHeaderOffcanvasSearchMobile" for="offcanvasTxtSearch">Search the site:</label> <input name="p$lt$ctl05$MobileNavig
2024-04-23 20:28:20 UTC	16384	IN	Data Raw: 3e 0d 0a 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 73 6d 2d 31 32 20 63 6f 6c 75 6d 6e 73 20 68 6f 6d 65 70 61 67 65 2d 74 69 6c 65 2d 63 6f 6d 70 6f 6e 65 6e 74 22 3e 0d 0a 20 20 20 20 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 69 64 3d 22 70 5f 6c 74 5f 63 74 6c 30 36 5f 70 61 67 65 70 6c 61 63 65 68 6f 6c 64 65 72 5f 70 5f 6c 74 5f 63 74 6c 30 31 5f 54 69 6c 65 4c 69 73 74 5f 72 70 74 49 74 65 6d 73 5f 63 74 6c 30 30 5f 47 72 69 64 50 61 6e 65 6c 22 20 63 6c 61 73 73 3d 22 63 6f 6c 2d 78 73 2d 31 32 20 63 6f 6c 75 6d 6e 73 20 67 72 69 64 2d 69 74 65 6d 22 3e 0d 0a 09 0d 0a 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 64 69 76 20 63 6c 61 73 73 3d 22 67 72 69 64 Data Ascii: > <div class="col-sm-12 columns homepage-tile-component"> <div id="p_lt_ctl06_pageplaceholder_p_lt_ctl01_TileList_rptItems_ctl00_GridPanel" class="col-xs-12 columns grid-item"> <div class="grid
2024-04-23 20:28:20 UTC	1759	IN	Data Raw: 0a 0a 20 20 20 20 3c 2f 64 69 76 3e 0a 20 20 3c 2f 64 69 76 3e 0a 3c 2f 66 6f 6f 74 65 72 3e 0a 3c 21 2d 2d 46 4f 4f 54 45 52 20 45 4e 44 2d 2d 3e 0a 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 2f 4f 73 6c 65 72 2f 6a 73 2f 64 69 73 74 2f 72 65 6d 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 61 6a 61 78 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6a 71 75 65 72 79 2f 31 2e 31 32 2e 34 2f 6a 71 75 65 72 79 2e 6d 69 6e 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 20 20 20 20 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 Data Ascii: </div> </div></footer>...FOOTER END--><script type="text/javascript" src="/Osler/js/dist/rem.min.js"></script><script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script> ...[if lt IE

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	994	OUT	GET /Osler/fonts/font-awesome/css/font-awesome.min.css HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:21 UTC	373	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:21 GMT Content-Type: text/css Content-Length: 21987 Connection: close ETag: "09e76b69f86da1:0" Last-Modified: Thu, 04 Apr 2024 14:52:28 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f56cb894fljwv72mzt8bkz1c00000001h0000000002x8w X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:21 UTC	3619	IN	Data Raw: 2f 2a 21 0d 0a 20 2a 20 20 46 6f 6e 74 20 41 77 65 73 6f 6d 65 20 34 2e 32 2e 30 20 62 79 20 40 64 61 76 65 67 61 6e 64 79 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 20 2d 20 40 66 6f 6e 74 61 77 65 73 6f 6d 65 0d 0a 20 2a 20 20 4c 69 63 65 6e 73 65 20 2d 20 68 74 74 70 3a 2f 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2e 69 6f 2f 6c 69 63 65 6e 73 65 20 28 46 6f 6e 74 3a 20 53 49 4c 20 4f 46 4c 20 31 2e 31 2c 20 43 53 53 3a 20 4d 49 54 20 4c 69 63 65 6e 73 65 29 0d 0a 20 2a 2f 40 66 6f 6e 74 2d 66 61 63 65 7b 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 27 46 6f 6e 74 41 77 65 73 6f 6d 65 27 3b 73 72 63 3a 75 72 6c 28 27 2e 2e 2f 66 6f 6e 74 73 2f 66 6f 6e 74 61 77 65 73 6f 6d 65 2d 77 65 62 66 6f 6e 74 2e 65 6f 74 3f 76 3d 34 2e 32 2e 30 27 Data Ascii: /! Font Awesome 4.2.0 by @davegandy - http://fontawesome.io - @fontawesome * License - http://fontawesome.io/license (Font: SIL OFL 1.1, CSS: MIT License) */@font-face{font-family:'FontAwesome';src:url('../fonts/fontawesome-webfont.eot?v=4.2.0'
2024-04-23 20:28:21 UTC	12288	IN	Data Raw: 73 69 67 6e 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 32 22 7d 2e 66 61 2d 67 65 61 72 3a 62 65 66 6f 72 65 2c 2e 66 61 2d 63 6f 67 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 33 22 7d 2e 66 61 2d 74 72 61 73 68 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 34 22 7d 2e 66 61 2d 68 6f 6d 65 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 35 22 7d 2e 66 61 2d 66 69 6c 65 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 36 22 7d 2e 66 61 2d 63 6c 6f 63 6b 2d 6f 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 37 22 7d 2e 66 61 2d 72 6f 61 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 30 31 38 22 7d 2e 66 61 2d 64 6f 77 6e 6c 6f Data Ascii: signal:before{content:"\f012"}.fa-gear:before,.fa-cog:before{content:"\f013"}.fa-trash-o:before{content:"\f014"}.fa-home:before{content:"\f015"}.fa-file-o:before{content:"\f016"}.fa-clock-o:before{content:"\f017"}.fa-road:before{content:"\f018"}.fa-downlo
2024-04-23 20:28:21 UTC	6080	IN	Data Raw: 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 61 22 7d 2e 66 61 2d 64 72 6f 70 62 6f 78 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 62 22 7d 2e 66 61 2d 73 74 61 63 6b 2d 6f 76 65 72 66 6c 6f 77 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 63 22 7d 2e 66 61 2d 69 6e 73 74 61 67 72 61 6d 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 64 22 7d 2e 66 61 2d 66 6c 69 63 6b 72 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 36 65 22 7d 2e 66 61 2d 61 64 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 37 30 22 7d 2e 66 61 2d 62 69 74 62 75 63 6b 65 74 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 66 31 37 31 22 7d 2e 66 61 2d 62 69 74 62 75 63 6b 65 74 2d 73 71 75 61 72 Data Ascii: ore{content:"\f16a"}.fa-dropbox:before{content:"\f16b"}.fa-stack-overflow:before{content:"\f16c"}.fa-instagram:before{content:"\f16d"}.fa-flickr:before{content:"\f16e"}.fa-adn:before{content:"\f170"}.fa-bitbucket:before{content:"\f171"}.fa-bitbucket-squar

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	993	OUT	GET /Osler/css/bootstrap-accessibility-plugin.min.css HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:21 UTC	371	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:21 GMT Content-Type: text/css Content-Length: 720 Connection: close ETag: "09e76b69f86da1:0" Last-Modified: Thu, 04 Apr 2024 14:52:28 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f56cb894fdm9r7z8wfs1qqw000000001dg00000000bv5r X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:21 UTC	720	IN	Data Raw: 2e 62 74 6e 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 23 30 30 30 20 64 6f 74 74 65 64 20 32 70 78 7d 2e 63 6c 6f 73 65 3a 66 6f 63 75 73 2c 2e 63 6c 6f 73 65 3a 68 6f 76 65 72 2c 2e 6e 61 76 3e 6c 69 3e 61 3a 66 6f 63 75 73 2c 2e 6e 61 76 3e 6c 69 3e 61 3a 68 6f 76 65 72 2c 61 3a 66 6f 63 75 73 2c 64 69 76 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 7b 6f 75 74 6c 69 6e 65 3a 23 30 30 30 20 64 6f 74 74 65 64 20 31 70 78 7d 2e 63 61 72 6f 75 73 65 6c 2d 69 6e 6e 65 72 3e 2e 69 74 65 6d 7b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 74 6f 70 3a 2d 39 39 39 39 39 39 65 6d 3b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 69 74 69 6f 6e 3a 2e 36 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 20 6c 65 66 74 3b 2d 6d 6f 7a 2d Data Ascii: .btn:focus{outline:#000 dotted 2px}.close:focus,.close:hover,.nav>li>a:focus,.nav>li>a:hover,a:focus,div.active:focus{outline:#000 dotted 1px}.carousel-inner>.item{position:absolute;top:-999999em;display:block;-webkit-transition:.6s ease-in-out left;-moz-

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	978	OUT	GET /Osler/css/styles.min.css?v=11.0.4 HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: text/css,/;q=0.1 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: style Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:21 UTC	374	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:21 GMT Content-Type: text/css Content-Length: 328011 Connection: close ETag: "051b627a086da1:0" Last-Modified: Thu, 04 Apr 2024 14:55:38 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f56cb894frt5xthgg03udhpc00000001g000000000079x X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:21 UTC	13622	IN	Data Raw: 40 63 68 61 72 73 65 74 20 22 55 54 46 2d 38 22 3b 2f 2a 21 0a 20 2a 20 42 6f 6f 74 73 74 72 61 70 20 76 33 2e 34 2e 31 20 28 68 74 74 70 73 3a 2f 2f 67 65 74 62 6f 6f 74 73 74 72 61 70 2e 63 6f 6d 2f 29 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 31 31 2d 32 30 31 39 20 54 77 69 74 74 65 72 2c 20 49 6e 63 2e 0a 20 2a 20 4c 69 63 65 6e 73 65 64 20 75 6e 64 65 72 20 4d 49 54 20 28 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 63 6f 6d 2f 74 77 62 73 2f 62 6f 6f 74 73 74 72 61 70 2f 62 6c 6f 62 2f 6d 61 73 74 65 72 2f 4c 49 43 45 4e 53 45 29 0a 20 2a 2f 2f 2a 21 20 6e 6f 72 6d 61 6c 69 7a 65 2e 63 73 73 20 76 33 2e 30 2e 33 20 7c 20 4d 49 54 20 4c 69 63 65 6e 73 65 20 7c 20 67 69 74 68 75 62 2e 63 6f 6d 2f 6e 65 63 6f 6c 61 73 2f 6e 6f 72 6d 61 6c 69 7a Data Ascii: @charset "UTF-8";/! Bootstrap v3.4.1 (https://getbootstrap.com/) * Copyright 2011-2019 Twitter, Inc. * Licensed under MIT (https://github.com/twbs/bootstrap/blob/master/LICENSE) //! normalize.css v3.0.3 \| MIT License \| github.com/necolas/normaliz
2024-04-23 20:28:21 UTC	4096	IN	Data Raw: 6f 6e 2d 69 63 65 2d 6c 6f 6c 6c 79 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 32 33 31 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 69 63 65 2d 6c 6f 6c 6c 79 2d 74 61 73 74 65 64 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 32 33 32 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 65 64 75 63 61 74 69 6f 6e 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 32 33 33 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 70 74 69 6f 6e 2d 68 6f 72 69 7a 6f 6e 74 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 32 33 34 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6f 70 74 69 6f 6e 2d 76 65 72 74 69 63 61 6c 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 22 5c 65 32 33 35 22 7d 2e 67 6c 79 70 68 69 63 6f 6e 2d 6d 65 6e 75 2d 68 61 6d 62 75 72 Data Ascii: on-ice-lolly:before{content:"\e231"}.glyphicon-ice-lolly-tasted:before{content:"\e232"}.glyphicon-education:before{content:"\e233"}.glyphicon-option-horizontal:before{content:"\e234"}.glyphicon-option-vertical:before{content:"\e235"}.glyphicon-menu-hambur
2024-04-23 20:28:21 UTC	16384	IN	Data Raw: 7d 2e 74 65 78 74 2d 77 61 72 6e 69 6e 67 7b 63 6f 6c 6f 72 3a 23 38 61 36 64 33 62 7d 61 2e 74 65 78 74 2d 77 61 72 6e 69 6e 67 3a 66 6f 63 75 73 2c 61 2e 74 65 78 74 2d 77 61 72 6e 69 6e 67 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 36 36 35 31 32 63 7d 2e 74 65 78 74 2d 64 61 6e 67 65 72 7b 63 6f 6c 6f 72 3a 23 61 39 34 34 34 32 7d 61 2e 74 65 78 74 2d 64 61 6e 67 65 72 3a 66 6f 63 75 73 2c 61 2e 74 65 78 74 2d 64 61 6e 67 65 72 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 38 34 33 35 33 34 7d 2e 62 67 2d 70 72 69 6d 61 72 79 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 33 37 61 62 37 7d 61 2e 62 67 2d 70 72 69 6d 61 72 79 3a 66 6f 63 75 73 2c 61 2e 62 67 2d 70 72 69 6d 61 72 79 3a 68 6f 76 65 72 7b 62 61 63 Data Ascii: }.text-warning{color:#8a6d3b}a.text-warning:focus,a.text-warning:hover{color:#66512c}.text-danger{color:#a94442}a.text-danger:focus,a.text-danger:hover{color:#843534}.bg-primary{color:#fff;background-color:#337ab7}a.bg-primary:focus,a.bg-primary:hover{bac
2024-04-23 20:28:21 UTC	8192	IN	Data Raw: 6e 69 6e 67 3e 74 64 2c 2e 74 61 62 6c 65 3e 74 68 65 61 64 3e 74 72 2e 77 61 72 6e 69 6e 67 3e 74 68 2c 2e 74 61 62 6c 65 3e 74 68 65 61 64 3e 74 72 3e 74 64 2e 77 61 72 6e 69 6e 67 2c 2e 74 61 62 6c 65 3e 74 68 65 61 64 3e 74 72 3e 74 68 2e 77 61 72 6e 69 6e 67 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 63 66 38 65 33 7d 2e 74 61 62 6c 65 2d 68 6f 76 65 72 3e 74 62 6f 64 79 3e 74 72 2e 77 61 72 6e 69 6e 67 3a 68 6f 76 65 72 3e 74 64 2c 2e 74 61 62 6c 65 2d 68 6f 76 65 72 3e 74 62 6f 64 79 3e 74 72 2e 77 61 72 6e 69 6e 67 3a 68 6f 76 65 72 3e 74 68 2c 2e 74 61 62 6c 65 2d 68 6f 76 65 72 3e 74 62 6f 64 79 3e 74 72 3a 68 6f 76 65 72 3e 2e 77 61 72 6e 69 6e 67 2c 2e 74 61 62 6c 65 2d 68 6f 76 65 72 3e 74 62 6f 64 79 3e 74 72 3e 74 64 2e 77 Data Ascii: ning>td,.table>thead>tr.warning>th,.table>thead>tr>td.warning,.table>thead>tr>th.warning{background-color:#fcf8e3}.table-hover>tbody>tr.warning:hover>td,.table-hover>tbody>tr.warning:hover>th,.table-hover>tbody>tr:hover>.warning,.table-hover>tbody>tr>td.w
2024-04-23 20:28:21 UTC	8192	IN	Data Raw: 2d 62 74 6e 3e 73 65 6c 65 63 74 2e 62 74 6e 2c 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 6c 67 3e 73 65 6c 65 63 74 2e 66 6f 72 6d 2d 63 6f 6e 74 72 6f 6c 2c 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 6c 67 3e 73 65 6c 65 63 74 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 61 64 64 6f 6e 2c 73 65 6c 65 63 74 2e 69 6e 70 75 74 2d 6c 67 7b 68 65 69 67 68 74 3a 34 36 70 78 3b 6c 69 6e 65 2d 68 65 69 67 68 74 3a 34 36 70 78 7d 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 6c 67 3e 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 62 74 6e 3e 73 65 6c 65 63 74 5b 6d 75 6c 74 69 70 6c 65 5d 2e 62 74 6e 2c 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 6c 67 3e 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 62 74 6e 3e 74 65 78 74 61 72 65 61 2e 62 74 6e 2c 2e 69 6e 70 75 74 2d 67 72 6f 75 70 2d 6c 67 3e 73 Data Ascii: -btn>select.btn,.input-group-lg>select.form-control,.input-group-lg>select.input-group-addon,select.input-lg{height:46px;line-height:46px}.input-group-lg>.input-group-btn>select[multiple].btn,.input-group-lg>.input-group-btn>textarea.btn,.input-group-lg>s
2024-04-23 20:28:21 UTC	8192	IN	Data Raw: 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 70 72 69 6d 61 72 79 2e 61 63 74 69 76 65 3a 68 6f 76 65 72 2c 2e 62 74 6e 2d 70 72 69 6d 61 72 79 3a 61 63 74 69 76 65 2e 66 6f 63 75 73 2c 2e 62 74 6e 2d 70 72 69 6d 61 72 79 3a 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 2e 62 74 6e 2d 70 72 69 6d 61 72 79 3a 61 63 74 69 76 65 3a 68 6f 76 65 72 2c 2e 6f 70 65 6e 3e 2e 62 74 6e 2d 70 72 69 6d 61 72 79 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 2e 66 6f 63 75 73 2c 2e 6f 70 65 6e 3e 2e 62 74 6e 2d 70 72 69 6d 61 72 79 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 66 6f 63 75 73 2c 2e 6f 70 65 6e 3e 2e 62 74 6e 2d 70 72 69 6d 61 72 79 2e 64 72 6f 70 64 6f 77 6e 2d 74 6f 67 67 6c 65 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 Data Ascii: tive:focus,.btn-primary.active:hover,.btn-primary:active.focus,.btn-primary:active:focus,.btn-primary:active:hover,.open>.btn-primary.dropdown-toggle.focus,.open>.btn-primary.dropdown-toggle:focus,.open>.btn-primary.dropdown-toggle:hover{color:#fff;backgr
2024-04-23 20:28:21 UTC	16384	IN	Data Raw: 6f 70 64 6f 77 6e 2d 6d 65 6e 75 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 7d 2e 6f 70 65 6e 3e 61 7b 6f 75 74 6c 69 6e 65 3a 30 7d 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 2d 6c 65 66 74 7b 72 69 67 68 74 3a 61 75 74 6f 3b 6c 65 66 74 3a 30 7d 2e 64 72 6f 70 64 6f 77 6e 2d 68 65 61 64 65 72 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 63 6f 6c 6f 72 3a 23 37 37 37 7d 2e 64 72 6f 70 64 6f 77 6e 2d 62 61 63 6b 64 72 6f 70 7b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 30 3b 72 69 67 68 74 3a 30 3b 62 6f 74 74 6f 6d 3a 30 3b 6c 65 66 74 3a 30 3b 7a 2d 69 6e 64 65 78 3a 39 39 30 7d 2e 70 75 6c 6c 2d 72 69 67 68 74 3e 2e 64 72 6f 70 64 6f 77 6e 2d 6d 65 6e 75 7b 72 69 67 68 74 3a 30 3b 6c 65 66 74 3a 61 75 74 6f 7d 2e 64 72 6f 70 75 70 20 2e Data Ascii: opdown-menu{display:block}.open>a{outline:0}.dropdown-menu-left{right:auto;left:0}.dropdown-header{font-size:12px;color:#777}.dropdown-backdrop{position:fixed;top:0;right:0;bottom:0;left:0;z-index:990}.pull-right>.dropdown-menu{right:0;left:auto}.dropup .
2024-04-23 20:28:21 UTC	16384	IN	Data Raw: 23 65 37 65 37 65 37 7d 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6c 69 6e 6b 7b 63 6f 6c 6f 72 3a 23 37 37 37 7d 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 6e 61 76 62 61 72 2d 6c 69 6e 6b 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 33 33 33 7d 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 62 74 6e 2d 6c 69 6e 6b 7b 63 6f 6c 6f 72 3a 23 37 37 37 7d 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 62 74 6e 2d 6c 69 6e 6b 3a 66 6f 63 75 73 2c 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 62 74 6e 2d 6c 69 6e 6b 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 33 33 33 7d 2e 6e 61 76 62 61 72 2d 64 65 66 61 75 6c 74 20 2e 62 74 6e 2d 6c 69 6e 6b 5b 64 69 73 61 62 6c 65 64 5d 3a 66 6f 63 75 73 2c 2e 6e 61 76 62 61 72 Data Ascii: #e7e7e7}.navbar-default .navbar-link{color:#777}.navbar-default .navbar-link:hover{color:#333}.navbar-default .btn-link{color:#777}.navbar-default .btn-link:focus,.navbar-default .btn-link:hover{color:#333}.navbar-default .btn-link[disabled]:focus,.navbar
2024-04-23 20:28:21 UTC	16384	IN	Data Raw: 65 2c 62 75 74 74 6f 6e 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 69 6e 66 6f 2e 61 63 74 69 76 65 3a 66 6f 63 75 73 2c 62 75 74 74 6f 6e 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 69 6e 66 6f 2e 61 63 74 69 76 65 3a 68 6f 76 65 72 7b 63 6f 6c 6f 72 3a 23 66 66 66 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 33 31 37 30 38 66 3b 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 23 33 31 37 30 38 66 7d 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 77 61 72 6e 69 6e 67 7b 63 6f 6c 6f 72 3a 23 38 61 36 64 33 62 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 66 63 66 38 65 33 7d 61 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 77 61 72 6e 69 6e 67 2c 62 75 74 74 6f 6e 2e 6c 69 73 74 2d 67 72 6f 75 70 2d 69 74 65 6d 2d 77 Data Ascii: e,button.list-group-item-info.active:focus,button.list-group-item-info.active:hover{color:#fff;background-color:#31708f;border-color:#31708f}.list-group-item-warning{color:#8a6d3b;background-color:#fcf8e3}a.list-group-item-warning,button.list-group-item-w
2024-04-23 20:28:21 UTC	9216	IN	Data Raw: 72 6f 77 7b 62 6f 74 74 6f 6d 3a 30 3b 6c 65 66 74 3a 35 30 25 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 35 70 78 20 35 70 78 20 30 3b 62 6f 72 64 65 72 2d 74 6f 70 2d 63 6f 6c 6f 72 3a 23 30 30 30 7d 2e 74 6f 6f 6c 74 69 70 2e 74 6f 70 2d 6c 65 66 74 20 2e 74 6f 6f 6c 74 69 70 2d 61 72 72 6f 77 7b 72 69 67 68 74 3a 35 70 78 7d 2e 74 6f 6f 6c 74 69 70 2e 74 6f 70 2d 72 69 67 68 74 20 2e 74 6f 6f 6c 74 69 70 2d 61 72 72 6f 77 7b 6c 65 66 74 3a 35 70 78 7d 2e 74 6f 6f 6c 74 69 70 2e 72 69 67 68 74 20 2e 74 6f 6f 6c 74 69 70 2d 61 72 72 6f 77 7b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 30 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 35 70 78 3b 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 35 70 78 20 35 70 78 20 35 70 78 Data Ascii: row{bottom:0;left:50%;margin-left:-5px;border-width:5px 5px 0;border-top-color:#000}.tooltip.top-left .tooltip-arrow{right:5px}.tooltip.top-right .tooltip-arrow{left:5px}.tooltip.right .tooltip-arrow{top:50%;left:0;margin-top:-5px;border-width:5px 5px 5px

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	542	OUT	GET /scripttemplates/otSDKStub.js HTTP/1.1 Host: cdn.cookielaw.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.osler.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:28:21 UTC	859	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:21 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close Content-MD5: zgTRIDojRJmnmBTwUyI2Vw== Last-Modified: Tue, 23 Apr 2024 02:35:10 GMT x-ms-request-id: b57d1c5d-f01e-002b-5698-95b94f000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * CF-Cache-Status: HIT Age: 6 Expires: Wed, 24 Apr 2024 20:28:21 GMT Cache-Control: public, max-age=86400 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 87909978b87b7bb7-ATL
2024-04-23 20:28:21 UTC	510	IN	Data Raw: 35 32 65 65 0d 0a 76 61 72 20 4f 6e 65 54 72 75 73 74 53 74 75 62 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 61 2c 6f 2c 70 3d 6e 65 77 20 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 3d 22 4f 70 74 61 6e 6f 6e 43 6f 6e 73 65 6e 74 22 2c 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 48 74 6d 6c 47 72 6f 75 70 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 48 6f 73 74 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 67 65 6e 56 65 6e 64 6f 72 73 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 76 65 6e 64 6f 72 73 53 65 72 76 69 63 65 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 49 41 42 43 6f 6f 6b 69 65 56 61 6c 75 65 3d 22 22 2c 74 68 69 73 2e 6f 6e 65 54 72 75 73 74 49 41 42 Data Ascii: 52eevar OneTrustStub=function(t){"use strict";var a,o,p=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIAB
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 54 22 2c 22 50 4c 22 2c 22 50 54 22 2c 22 52 4f 22 2c 22 53 49 22 2c 22 53 4b 22 2c 22 46 49 22 2c 22 53 45 22 2c 22 47 42 22 2c 22 48 52 22 2c 22 4c 49 22 2c 22 4e 4f 22 2c 22 49 53 22 5d 2c 74 68 69 73 2e 73 74 75 62 46 69 6c 65 4e 61 6d 65 3d 22 6f 74 53 44 4b 53 74 75 62 22 2c 74 68 69 73 2e 44 41 54 41 46 49 4c 45 41 54 54 52 49 42 55 54 45 3d 22 64 61 74 61 2d 64 6f 6d 61 69 6e 2d 73 63 72 69 70 74 22 2c 74 68 69 73 2e 62 61 6e 6e 65 72 53 63 72 69 70 74 4e 61 6d 65 3d 22 6f 74 42 61 6e 6e 65 72 53 64 6b 2e 6a 73 22 2c 74 68 69 73 2e 6d 6f 62 69 6c 65 4f 6e 6c 69 6e 65 55 52 4c 3d 5b 5d 2c 74 68 69 73 2e 69 73 4d 69 67 72 61 74 65 64 55 52 4c 3d 21 31 2c 74 68 69 73 2e 6d 69 67 72 61 74 65 64 43 43 54 49 44 3d 22 5b 5b 4f 6c 64 43 43 54 49 44 5d 5d Data Ascii: T","PL","PT","RO","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 28 21 28 61 3d 69 5b 6e 5d 2e 73 70 6c 69 74 28 2f 3a 28 2e 2b 29 2f 29 29 5b 31 5d 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 65 5b 74 68 69 73 2e 63 61 6d 65 6c 69 7a 65 28 61 5b 30 5d 29 5d 3d 61 5b 31 5d 2e 74 72 69 6d 28 29 7d 72 65 74 75 72 6e 20 65 7d 2c 65 29 3b 66 75 6e 63 74 69 6f 6e 20 65 28 29 7b 76 61 72 20 74 3d 74 68 69 73 3b 74 68 69 73 2e 69 6d 70 6c 65 6d 65 6e 74 54 68 65 50 6f 6c 79 66 69 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 2c 6f 3d 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3b 72 65 74 75 72 6e 20 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 69 66 28 22 73 74 79 6c 65 22 21 3d Data Ascii: (!(a=i[n].split(/:(.+)/))[1])return null;e[this.camelize(a[0])]=a[1].trim()}return e},e);function e(){var t=this;this.implementThePolyfill=function(){var a=t,o=Element.prototype.setAttribute;return Element.prototype.setAttribute=function(t,e){if("style"!=
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 65 72 2c 21 31 29 2c 73 2e 61 64 64 46 72 61 6d 65 28 73 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 29 29 7d 2c 74 68 69 73 2e 72 65 6d 6f 76 65 47 70 70 41 70 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 64 65 6c 65 74 65 20 73 2e 77 69 6e 2e 5f 5f 67 70 70 3b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 69 66 72 61 6d 65 5b 6e 61 6d 65 3d 22 2b 73 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 2b 22 5d 22 29 5b 30 5d 3b 74 26 26 74 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 7d 2c 74 68 69 73 2e 65 78 65 63 75 74 65 47 70 70 41 70 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 65 3d 30 3b 65 3c 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b Data Ascii: er,!1),s.addFrame(s.LOCATOR_NAME))},this.removeGppApi=function(){delete s.win.__gpp;var t=document.querySelectorAll("iframe[name="+s.LOCATOR_NAME+"]")[0];t&&t.parentElement.removeChild(t)},this.executeGppApi=function(){for(var t=[],e=0;e<arguments.length;
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 74 28 22 69 66 72 61 6d 65 22 29 29 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 2c 65 2e 6e 61 6d 65 3d 74 2c 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 74 69 74 6c 65 22 2c 22 47 50 50 20 4c 6f 63 61 74 6f 72 22 29 2c 69 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 29 3a 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 73 2e 61 64 64 46 72 61 6d 65 28 74 29 7d 2c 35 29 29 2c 21 6e 7d 2c 74 68 69 73 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 69 2c 6e 3d 73 2e 77 69 6e 2e 5f 5f 67 70 70 3b 72 65 74 75 72 6e 20 6e 2e 65 76 65 6e 74 73 3d 6e 2e 65 76 65 6e 74 73 7c 7c 5b 5d 2c 6e 75 6c 6c 21 3d 28 69 3d 6e 29 26 26 Data Ascii: t("iframe")).style.cssText="display:none",e.name=t,e.setAttribute("title","GPP Locator"),i.body.appendChild(e)):setTimeout(function(){s.addFrame(t)},5)),!n},this.addEventListener=function(t,e){var i,n=s.win.__gpp;return n.events=n.events\|\|[],null!=(i=n)&&
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 2c 74 68 69 73 2e 63 61 70 74 75 72 65 4e 6f 6e 63 65 28 29 7d 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 63 61 70 74 75 72 65 4e 6f 6e 63 65 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6e 6f 6e 63 65 3d 70 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 6e 6f 6e 63 65 7c 7c 70 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 6e 6f 6e 63 65 22 29 7c 7c 6e 75 6c 6c 7d 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 66 65 74 63 68 42 61 6e 6e 65 72 53 44 4b 44 65 70 65 6e 64 65 6e 63 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 73 65 74 44 6f 6d 61 69 6e 44 61 74 61 46 69 6c 65 55 52 4c 28 29 2c 74 68 69 73 2e 63 72 6f 73 73 4f 72 69 67 69 6e 3d 70 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 Data Ascii: ,this.captureNonce()},h.prototype.captureNonce=function(){this.nonce=p.stubScriptElement.nonce\|\|p.stubScriptElement.getAttribute("nonce")\|\|null},h.prototype.fetchBannerSDKDependency=function(){this.setDomainDataFileURL(),this.crossOrigin=p.stubScriptEleme
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 6f 63 61 74 69 6f 6e 52 65 73 70 6f 6e 73 65 3f 28 69 3d 69 2e 4f 6e 65 54 72 75 73 74 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 52 65 73 70 6f 6e 73 65 2c 74 68 69 73 2e 73 65 74 47 65 6f 4c 6f 63 61 74 69 6f 6e 28 69 2e 63 6f 75 6e 74 72 79 43 6f 64 65 2c 69 2e 73 74 61 74 65 43 6f 64 65 29 2c 74 68 69 73 2e 61 64 64 42 61 6e 6e 65 72 53 44 4b 53 63 72 69 70 74 28 74 29 29 3a 28 69 3d 74 68 69 73 2e 72 65 61 64 43 6f 6f 6b 69 65 50 61 72 61 6d 28 70 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 2c 70 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 43 6f 6f 6b 69 65 73 50 61 72 61 6d 29 29 7c 7c 74 2e 53 6b 69 70 47 65 6f 6c 6f 63 61 74 69 6f 6e 3f 28 65 3d 69 2e 73 70 6c 69 74 28 22 3b 22 29 5b 30 5d 2c 69 3d 69 2e 73 70 6c 69 74 28 22 3b 22 29 5b 31 5d 2c 74 68 Data Ascii: ocationResponse?(i=i.OneTrust.geolocationResponse,this.setGeoLocation(i.countryCode,i.stateCode),this.addBannerSDKScript(t)):(i=this.readCookieParam(p.optanonCookieName,p.geolocationCookiesParam))\|\|t.SkipGeolocation?(e=i.split(";")[0],i=i.split(";")[1],th
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 65 72 22 7d 7d 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 47 65 6f 4c 6f 63 61 74 69 6f 6e 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 70 2e 75 73 65 72 4c 6f 63 61 74 69 6f 6e 3d 7b 63 6f 75 6e 74 72 79 3a 74 2c 73 74 61 74 65 3a 65 3d 76 6f 69 64 20 30 3d 3d 3d 65 3f 22 22 3a 65 7d 7d 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 6f 74 46 65 74 63 68 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 69 2c 65 2c 6e 2c 61 29 7b 76 6f 69 64 20 30 3d 3d 3d 65 26 26 28 65 3d 21 31 29 2c 76 6f 69 64 20 30 3d 3d 3d 6e 26 26 28 6e 3d 6e 75 6c 6c 29 3b 76 61 72 20 6f 3d 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 26 26 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 22 6f 74 50 72 65 76 69 65 77 44 61 74 61 22 29 3b Data Ascii: er"}},h.prototype.setGeoLocation=function(t,e){p.userLocation={country:t,state:e=void 0===e?"":e}},h.prototype.otFetch=function(t,i,e,n,a){void 0===e&&(e=!1),void 0===n&&(n=null);var o=window.sessionStorage&&window.sessionStorage.getItem("otPreviewData");
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 67 69 6f 6e 53 65 74 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 2c 69 2c 6e 2c 61 3d 70 2e 75 73 65 72 4c 6f 63 61 74 69 6f 6e 2c 6f 3d 74 2e 52 75 6c 65 53 65 74 2e 66 69 6c 74 65 72 28 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 21 30 3d 3d 3d 74 2e 44 65 66 61 75 6c 74 7d 29 3b 69 66 28 21 61 2e 63 6f 75 6e 74 72 79 26 26 21 61 2e 73 74 61 74 65 29 72 65 74 75 72 6e 20 6f 26 26 30 3c 6f 2e 6c 65 6e 67 74 68 3f 6f 5b 30 5d 3a 6e 75 6c 6c 3b 66 6f 72 28 76 61 72 20 73 3d 61 2e 73 74 61 74 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 72 3d 61 2e 63 6f 75 6e 74 72 79 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 75 3d 30 3b 75 3c 74 2e 52 75 6c 65 53 65 74 2e 6c 65 6e 67 74 68 3b 75 2b 2b 29 69 66 28 21 30 3d 3d 3d 74 2e 52 75 6c 65 Data Ascii: gionSet=function(t){var e,i,n,a=p.userLocation,o=t.RuleSet.filter(function(t){return!0===t.Default});if(!a.country&&!a.state)return o&&0<o.length?o[0]:null;for(var s=a.state.toLowerCase(),r=a.country.toLowerCase(),u=0;u<t.RuleSet.length;u++)if(!0===t.Rule
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 61 73 49 41 42 47 6c 6f 62 61 6c 53 63 6f 70 65 3d 21 31 2c 70 2e 49 41 42 43 6f 6f 6b 69 65 56 61 6c 75 65 3d 74 68 69 73 2e 67 65 74 43 6f 6f 6b 69 65 28 70 2e 6f 6e 65 54 72 75 73 74 49 41 42 43 6f 6f 6b 69 65 4e 61 6d 65 29 29 3a 70 2e 69 73 53 74 75 62 52 65 61 64 79 3d 21 31 7d 2c 68 2e 70 72 6f 74 6f 74 79 70 65 2e 76 61 6c 69 64 61 74 65 49 41 42 47 44 50 52 41 70 70 6c 69 65 64 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 74 3d 74 68 69 73 2e 72 65 61 64 43 6f 6f 6b 69 65 50 61 72 61 6d 28 70 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 2c 70 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 43 6f 6f 6b 69 65 73 50 61 72 61 6d 29 2e 73 70 6c 69 74 28 22 3b 22 29 5b 30 5d 3b 74 3f 74 68 69 73 2e 69 73 42 6f 6f 6c 65 61 6e 28 74 29 3f 70 2e 6f 6e 65 Data Ascii: asIABGlobalScope=!1,p.IABCookieValue=this.getCookie(p.oneTrustIABCookieName)):p.isStubReady=!1},h.prototype.validateIABGDPRApplied=function(){var t=this.readCookieParam(p.optanonCookieName,p.geolocationCookiesParam).split(";")[0];t?this.isBoolean(t)?p.one

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	979	OUT	GET /Osler/js/bower_components/modernizr/modernizr.js HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:21 UTC	389	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:21 GMT Content-Type: application/x-javascript Content-Length: 52757 Connection: close ETag: "09e76b69f86da1:0" Last-Modified: Thu, 04 Apr 2024 14:52:28 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f56cb894fm2nn6atvm3qhr2s000000013g00000000uwra X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:21 UTC	15891	IN	Data Raw: 2f 2a 21 0d 0a 20 2a 20 4d 6f 64 65 72 6e 69 7a 72 20 76 32 2e 38 2e 33 0d 0a 20 2a 20 77 77 77 2e 6d 6f 64 65 72 6e 69 7a 72 2e 63 6f 6d 0d 0a 20 2a 0d 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 63 29 20 46 61 72 75 6b 20 41 74 65 73 2c 20 50 61 75 6c 20 49 72 69 73 68 2c 20 41 6c 65 78 20 53 65 78 74 6f 6e 0d 0a 20 2a 20 41 76 61 69 6c 61 62 6c 65 20 75 6e 64 65 72 20 74 68 65 20 42 53 44 20 61 6e 64 20 4d 49 54 20 6c 69 63 65 6e 73 65 73 3a 20 77 77 77 2e 6d 6f 64 65 72 6e 69 7a 72 2e 63 6f 6d 2f 6c 69 63 65 6e 73 65 2f 0d 0a 20 2a 2f 0d 0a 0d 0a 2f 2a 0d 0a 20 2a 20 4d 6f 64 65 72 6e 69 7a 72 20 74 65 73 74 73 20 77 68 69 63 68 20 6e 61 74 69 76 65 20 43 53 53 33 20 61 6e 64 20 48 54 4d 4c 35 20 66 65 61 74 75 72 65 73 20 61 72 65 20 61 76 61 69 6c Data Ascii: /! Modernizr v2.8.3 * www.modernizr.com * * Copyright (c) Faruk Ates, Paul Irish, Alex Sexton * Available under the BSD and MIT licenses: www.modernizr.com/license/ // * Modernizr tests which native CSS3 and HTML5 features are avail
2024-04-23 20:28:21 UTC	16384	IN	Data Raw: 72 69 63 6b 79 20 74 6f 20 67 65 74 20 72 69 67 68 74 3a 0d 0a 20 20 20 20 2f 2f 0d 0a 20 20 20 20 2f 2f 20 55 73 69 6e 67 20 21 21 6e 61 76 69 67 61 74 6f 72 2e 67 65 6f 6c 6f 63 61 74 69 6f 6e 20 64 6f 65 73 20 74 77 6f 20 74 68 69 6e 67 73 20 77 65 20 64 6f 6e 27 74 20 77 61 6e 74 2e 20 49 74 3a 0d 0a 20 20 20 20 2f 2f 20 20 20 31 2e 20 4c 65 61 6b 73 20 6d 65 6d 6f 72 79 20 69 6e 20 49 45 39 3a 20 67 69 74 68 75 62 2e 63 6f 6d 2f 4d 6f 64 65 72 6e 69 7a 72 2f 4d 6f 64 65 72 6e 69 7a 72 2f 69 73 73 75 65 73 2f 35 31 33 0d 0a 20 20 20 20 2f 2f 20 20 20 32 2e 20 44 69 73 61 62 6c 65 73 20 70 61 67 65 20 63 61 63 68 69 6e 67 20 69 6e 20 57 65 62 4b 69 74 3a 20 77 65 62 6b 2e 69 74 2f 34 33 39 35 36 0d 0a 20 20 20 20 2f 2f 0d 0a 20 20 20 20 2f 2f 20 4d 65 Data Ascii: ricky to get right: // // Using !!navigator.geolocation does two things we don't want. It: // 1. Leaks memory in IE9: github.com/Modernizr/Modernizr/issues/513 // 2. Disables page caching in WebKit: webk.it/43956 // // Me
2024-04-23 20:28:21 UTC	12288	IN	Data Raw: 61 6c 69 64 2e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 2f 2f 20 49 66 20 74 68 65 20 76 61 6c 75 65 20 64 6f 65 73 6e 27 74 20 73 74 69 63 6b 2c 20 77 65 20 6b 6e 6f 77 20 74 68 65 72 65 27 73 20 69 6e 70 75 74 20 73 61 6e 69 74 69 7a 61 74 69 6f 6e 20 77 68 69 63 68 20 69 6e 66 65 72 73 20 61 20 63 75 73 74 6f 6d 20 55 49 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 20 62 6f 6f 6c 20 29 20 7b 0d 0a 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 70 75 74 45 6c 65 6d 2e 76 61 6c 75 65 20 20 20 20 20 20 20 20 20 3d 20 73 6d 69 6c 65 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 70 75 74 45 6c 65 6d 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 20 3d 20 27 70 6f 73 69 74 69 Data Ascii: alid. // If the value doesn't stick, we know there's input sanitization which infers a custom UI if ( bool ) { inputElem.value = smile; inputElem.style.cssText = 'positi
2024-04-23 20:28:21 UTC	4096	IN	Data Raw: 20 2b 20 27 22 29 27 3b 0d 0a 20 20 20 20 20 20 20 20 20 20 7d 29 20 2b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 27 29 3b 72 65 74 75 72 6e 20 6e 7d 27 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 29 28 68 74 6d 6c 35 2c 20 64 61 74 61 2e 66 72 61 67 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2f 2a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2a 2f 0d 0a 0d 0a 20 20 20 20 20 20 20 20 2f 2a 2a 0d 0a 20 20 20 20 20 20 20 Data Ascii: + '")'; }) + ');return n}' )(html5, data.frag); } /--------------------------------------------------------------------------/ /**
2024-04-23 20:28:21 UTC	4098	IN	Data Raw: 72 6f 70 65 72 74 69 65 73 20 74 6f 20 74 68 65 20 72 65 74 75 72 6e 20 6f 62 6a 65 63 74 20 77 69 74 68 20 70 72 65 66 69 78 0d 0a 20 20 20 20 4d 6f 64 65 72 6e 69 7a 72 2e 5f 76 65 72 73 69 6f 6e 20 20 20 20 20 20 3d 20 76 65 72 73 69 6f 6e 3b 0d 0a 0d 0a 20 20 20 20 2f 2f 20 65 78 70 6f 73 65 20 74 68 65 73 65 20 66 6f 72 20 74 68 65 20 70 6c 75 67 69 6e 20 41 50 49 2e 20 4c 6f 6f 6b 20 69 6e 20 74 68 65 20 73 6f 75 72 63 65 20 66 6f 72 20 68 6f 77 20 74 6f 20 6a 6f 69 6e 28 29 20 74 68 65 6d 20 61 67 61 69 6e 73 74 20 79 6f 75 72 20 69 6e 70 75 74 0d 0a 20 20 20 20 2f 2a 3e 3e 70 72 65 66 69 78 65 73 2a 2f 0d 0a 20 20 20 20 4d 6f 64 65 72 6e 69 7a 72 2e 5f 70 72 65 66 69 78 65 73 20 20 20 20 20 3d 20 70 72 65 66 69 78 65 73 3b 0d 0a 20 20 20 20 2f 2a Data Ascii: roperties to the return object with prefix Modernizr._version = version; // expose these for the plugin API. Look in the source for how to join() them against your input />>prefixes/ Modernizr._prefixes = prefixes; /*

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	1057	OUT	GET /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZMakmllNIbNVJUHTDPpvzmJhtQwH6GTOa46RoBltd7k6KymeJGxkWxehYM52nU-nmQ2&t=638399175142847209 HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:21 UTC	455	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:21 GMT Content-Type: application/x-javascript Content-Length: 23063 Connection: close Cache-Control: public Expires: Wed, 23 Apr 2025 20:26:38 GMT Last-Modified: Thu, 04 Jan 2024 03:25:14 GMT X-Frame-Options: SAMEORIGIN X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f7b4795d45gcwcnfmc7gcw3g00000002kg0000000077zu X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:21 UTC	15818	IN	Data Raw: 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 50 6f 73 74 42 61 63 6b 4f 70 74 69 6f 6e 73 28 65 76 65 6e 74 54 61 72 67 65 74 2c 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 2c 20 76 61 6c 69 64 61 74 69 6f 6e 2c 20 76 61 6c 69 64 61 74 69 6f 6e 47 72 6f 75 70 2c 20 61 63 74 69 6f 6e 55 72 6c 2c 20 74 72 61 63 6b 46 6f 63 75 73 2c 20 63 6c 69 65 6e 74 53 75 62 6d 69 74 29 20 7b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 54 61 72 67 65 74 20 3d 20 65 76 65 6e 74 54 61 72 67 65 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 20 3d 20 65 76 65 6e 74 41 72 67 75 6d 65 6e 74 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c 69 64 61 74 69 6f 6e 20 3d 20 76 61 6c 69 64 61 74 69 6f 6e 3b 0d 0a 20 20 20 20 74 68 69 73 2e 76 61 6c Data Ascii: function WebForm_PostBackOptions(eventTarget, eventArgument, validation, validationGroup, actionUrl, trackFocus, clientSubmit) { this.eventTarget = eventTarget; this.eventArgument = eventArgument; this.validation = validation; this.val
2024-04-23 20:28:21 UTC	7245	IN	Data Raw: 20 69 66 20 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 57 65 62 46 6f 72 6d 5f 53 69 6d 75 6c 61 74 65 43 6c 69 63 6b 28 64 65 66 61 75 6c 74 42 75 74 74 6f 6e 2c 20 65 76 65 6e 74 29 3b 0d 0a 20 20 20 20 20 20 20 20 7d 20 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 72 65 74 75 72 6e 20 74 72 75 65 3b 0d 0a 7d 0d 0a 66 75 6e 63 74 69 6f 6e 20 57 65 62 46 6f 72 6d 5f 47 65 74 53 63 72 6f 6c 6c 58 28 29 20 7b 0d 0a 20 20 20 20 69 66 20 28 5f 5f 6e 6f 6e 4d 53 44 4f 4d 42 72 6f 77 73 65 72 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 70 61 67 65 58 4f 66 66 73 65 74 3b 0d 0a 20 20 20 20 7d 0d 0a 20 20 20 20 65 6c 73 65 20 7b 0d 0a 20 20 20 20 20 20 20 20 69 Data Ascii: if (defaultButton) { return WebForm_SimulateClick(defaultButton, event); } } return true;}function WebForm_GetScrollX() { if (__nonMSDOMBrowser) { return window.pageXOffset; } else { i

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	1004	OUT	GET /CMSPages/GetResource.ashx?scriptfile=%7e%2fCMSScripts%2fWebServiceCall.js HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:21 UTC	551	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:21 GMT Content-Type: application/x-javascript Content-Length: 326 Connection: close Cache-Control: public ETag: "file\|4/4/2024 10:52:28 AM" Expires: Tue, 30 Apr 2024 20:28:21 GMT Last-Modified: Thu, 04 Apr 2024 14:52:28 GMT X-Frame-Options: SAMEORIGIN X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Content-Disposition: attachment; filename="WebServiceCall.js" x-azure-ref: 20240423T202821Z-16f56cb894fsrrwtv9xx2sy9ns000000014g00000000k0dh X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:21 UTC	326	IN	Data Raw: 76 61 72 20 57 65 62 53 65 72 76 69 63 65 43 61 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 28 29 7b 74 72 79 7b 72 65 74 75 72 6e 20 6e 65 77 20 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 7d 63 61 74 63 68 28 6e 29 7b 7d 74 72 79 7b 72 65 74 75 72 6e 20 6e 65 77 20 41 63 74 69 76 65 58 4f 62 6a 65 63 74 28 22 4d 73 78 6d 6c 32 2e 58 4d 4c 48 54 54 50 22 29 7d 63 61 74 63 68 28 74 29 7b 7d 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 74 2c 69 2c 72 29 7b 76 61 72 20 75 3d 6e 28 29 3b 75 2e 6f 70 65 6e 28 22 50 4f 53 54 22 2c 74 2b 22 2f 22 2b 69 2c 21 30 29 3b 75 2e 73 65 74 52 65 71 75 65 73 74 48 65 61 64 65 72 28 22 43 6f 6e 74 65 6e 74 2d 74 79 70 65 22 2c 22 61 70 70 6c 69 63 61 74 69 Data Ascii: var WebServiceCall=function(){function n(){try{return new XMLHttpRequest}catch(n){}try{return new ActiveXObject("Msxml2.XMLHTTP")}catch(t){}return null}return function(t,i,r){var u=n();u.open("POST",t+"/"+i,!0);u.setRequestHeader("Content-type","applicati

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	627	OUT	GET /consent/25c02da3-4d83-47e6-b080-f533c2d99f75/25c02da3-4d83-47e6-b080-f533c2d99f75.json HTTP/1.1 Host: cdn.cookielaw.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://www.osler.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.osler.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:28:21 UTC	901	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:21 GMT Content-Type: application/x-javascript Transfer-Encoding: chunked Connection: close CF-Ray: 8790997bdf85138b-ATL CF-Cache-Status: HIT Access-Control-Allow-Origin: * Age: 1929 Cache-Control: public, max-age=86400 Expires: Wed, 24 Apr 2024 20:28:21 GMT Last-Modified: Tue, 19 Sep 2023 09:22:10 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Vary: Accept-Encoding Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Content-MD5: ug7sJEH2YU+R6vsUNeAhQQ== X-Content-Type-Options: nosniff x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-request-id: 72fd054d-201e-0091-059e-0b5c31000000 x-ms-version: 2009-09-19 Server: cloudflare
2024-04-23 20:28:21 UTC	468	IN	Data Raw: 31 30 32 30 0d 0a 7b 22 43 6f 6f 6b 69 65 53 50 41 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 53 61 6d 65 53 69 74 65 4e 6f 6e 65 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 56 32 43 53 50 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 4d 75 6c 74 69 56 61 72 69 61 6e 74 54 65 73 74 69 6e 67 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 55 73 65 56 32 22 3a 74 72 75 65 2c 22 4d 6f 62 69 6c 65 53 44 4b 22 3a 66 61 6c 73 65 2c 22 53 6b 69 70 47 65 6f 6c 6f 63 61 74 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 53 63 72 69 70 74 54 79 70 65 22 3a 22 50 52 4f 44 55 43 54 49 4f 4e 22 2c 22 56 65 72 73 69 6f 6e 22 3a 22 32 30 32 33 30 38 2e 31 2e 30 22 2c 22 4f 70 74 61 6e 6f 6e 44 61 74 61 4a 53 4f 4e 22 3a 22 32 35 63 30 Data Ascii: 1020{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"202308.1.0","OptanonDataJSON":"25c0
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 22 3a 5b 7b 22 49 64 22 3a 22 62 31 62 63 36 36 39 63 2d 34 61 35 39 2d 34 34 38 63 2d 38 64 66 64 2d 62 36 36 65 35 33 65 30 34 66 34 64 22 2c 22 4e 61 6d 65 22 3a 22 51 75 65 62 65 63 22 2c 22 43 6f 75 6e 74 72 69 65 73 22 3a 5b 5d 2c 22 53 74 61 74 65 73 22 3a 7b 22 63 61 22 3a 5b 22 71 63 22 5d 7d 2c 22 4c 61 6e 67 75 61 67 65 53 77 69 74 63 68 65 72 50 6c 61 63 65 68 6f 6c 64 65 72 22 3a 7b 22 64 65 66 61 75 6c 74 22 3a 22 65 6e 22 2c 22 66 72 22 3a 22 66 72 22 7d 2c 22 42 61 6e 6e 65 72 50 75 73 68 65 73 44 6f 77 6e 22 3a 66 61 6c 73 65 2c 22 44 65 66 61 75 6c 74 22 3a 66 61 6c 73 65 2c 22 47 6c 6f 62 61 6c 22 3a 66 61 6c 73 65 2c 22 54 79 70 65 22 3a 22 47 45 4e 45 52 49 43 22 2c 22 55 73 65 47 6f 6f 67 6c 65 56 65 6e 64 6f 72 73 22 3a 66 61 6c 73 Data Ascii: ":[{"Id":"b1bc669c-4a59-448c-8dfd-b66e53e04f4d","Name":"Quebec","Countries":[],"States":{"ca":["qc"]},"LanguageSwitcherPlaceholder":{"default":"en","fr":"fr"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GENERIC","UseGoogleVendors":fals
2024-04-23 20:28:21 UTC	1369	IN	Data Raw: 22 2c 22 6c 73 22 2c 22 6c 79 22 2c 22 6d 61 22 2c 22 6d 64 22 2c 22 6d 65 22 2c 22 6d 67 22 2c 22 6d 68 22 2c 22 6d 6b 22 2c 22 6d 6c 22 2c 22 6d 6d 22 2c 22 6d 6e 22 2c 22 6d 6f 22 2c 22 6d 70 22 2c 22 6d 72 22 2c 22 6d 73 22 2c 22 6d 75 22 2c 22 6d 76 22 2c 22 6d 77 22 2c 22 6d 78 22 2c 22 6d 79 22 2c 22 6d 7a 22 2c 22 6e 61 22 2c 22 6e 63 22 2c 22 6e 65 22 2c 22 6e 66 22 2c 22 6e 67 22 2c 22 6e 69 22 2c 22 6e 70 22 2c 22 6e 72 22 2c 22 6e 75 22 2c 22 6e 7a 22 2c 22 6f 6d 22 2c 22 70 61 22 2c 22 70 65 22 2c 22 70 66 22 2c 22 70 67 22 2c 22 70 68 22 2c 22 70 6b 22 2c 22 70 6d 22 2c 22 70 6e 22 5d 2c 22 53 74 61 74 65 73 22 3a 7b 7d 2c 22 4c 61 6e 67 75 61 67 65 53 77 69 74 63 68 65 72 50 6c 61 63 65 68 6f 6c 64 65 72 22 3a 7b 22 64 65 66 61 75 6c 74 22 Data Ascii: ","ls","ly","ma","md","me","mg","mh","mk","ml","mm","mn","mo","mp","mr","ms","mu","mv","mw","mx","my","mz","na","nc","ne","nf","ng","ni","np","nr","nu","nz","om","pa","pe","pf","pg","ph","pk","pm","pn"],"States":{},"LanguageSwitcherPlaceholder":{"default"
2024-04-23 20:28:21 UTC	930	IN	Data Raw: 75 61 67 65 22 3a 6e 75 6c 6c 2c 22 76 65 6e 64 6f 72 4c 69 73 74 56 65 72 73 69 6f 6e 22 3a 30 2c 22 6d 61 78 56 65 6e 64 6f 72 49 64 22 3a 30 2c 22 65 6e 63 6f 64 69 6e 67 54 79 70 65 22 3a 22 30 22 2c 22 67 6c 6f 62 61 6c 56 65 6e 64 6f 72 4c 69 73 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 63 6f 6f 6b 69 65 6c 61 77 2e 6f 72 67 2f 76 65 6e 64 6f 72 6c 69 73 74 2f 69 61 62 32 56 32 44 61 74 61 2e 6a 73 6f 6e 22 7d 2c 22 47 6f 6f 67 6c 65 44 61 74 61 22 3a 7b 22 76 65 6e 64 6f 72 4c 69 73 74 56 65 72 73 69 6f 6e 22 3a 31 2c 22 67 6f 6f 67 6c 65 56 65 6e 64 6f 72 4c 69 73 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 63 6f 6f 6b 69 65 6c 61 77 2e 6f 72 67 2f 76 65 6e 64 6f 72 6c 69 73 74 2f 67 6f 6f 67 6c 65 44 61 74 61 2e 6a 73 Data Ascii: uage":null,"vendorListVersion":0,"maxVendorId":0,"encodingType":"0","globalVendorListUrl":"https://cdn.cookielaw.org/vendorlist/iab2V2Data.json"},"GoogleData":{"vendorListVersion":1,"googleVendorListUrl":"https://cdn.cookielaw.org/vendorlist/googleData.js
2024-04-23 20:28:21 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Snort Signatures

Joe Sandbox Signatures

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 177

Chrome Cache Entry: 178

Chrome Cache Entry: 179

Chrome Cache Entry: 180

Chrome Cache Entry: 181

Chrome Cache Entry: 182

Chrome Cache Entry: 183

Chrome Cache Entry: 184

Chrome Cache Entry: 185

Chrome Cache Entry: 186

Chrome Cache Entry: 187

Chrome Cache Entry: 188

Chrome Cache Entry: 189

Chrome Cache Entry: 190

Chrome Cache Entry: 191

Chrome Cache Entry: 192

Chrome Cache Entry: 193

Chrome Cache Entry: 194

Chrome Cache Entry: 195

Chrome Cache Entry: 196

Chrome Cache Entry: 197

Chrome Cache Entry: 198

Chrome Cache Entry: 199

Chrome Cache Entry: 200

Chrome Cache Entry: 201

Chrome Cache Entry: 202

Chrome Cache Entry: 203

Chrome Cache Entry: 204

Chrome Cache Entry: 205

Chrome Cache Entry: 206

Windows Analysis Report
https://na2.docusign.net/Member/EmailStart.aspx?a=a80ac213-4c4b-4d94-8447-7b8ec8afda1c&r=2c2e6bab-d126-49a4-9fae-66272ce3bf00

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	1135	OUT	GET /ScriptResource.axd?d=uHIkleVeDJf4xS50Krz-yND2uNShhTUBAP5n7Xu_4VEl-p2v7XApT3Wzf25zNj8jfHNT4wEsGAA2Kw1gCxln6iOKKZKXd_VfM8hBCSVnU9G4mkKk8MEcUDtNc08T0CzJigFOUXvGgrseIpqSzLM-sUZdqwGIcIt8aEKbHu1vqV81&t=722fe453 HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:22 UTC	471	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: application/x-javascript; charset=utf-8 Content-Length: 102801 Connection: close Cache-Control: public Expires: Wed, 23 Apr 2025 20:28:22 GMT Last-Modified: Tue, 23 Apr 2024 20:28:22 GMT X-Frame-Options: SAMEORIGIN X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f56cb894f4g6rbudmdpega90000000016g00000000dafb X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:22 UTC	3525	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 2e 6a 73 0d 0a 46 75 6e 63 74 69 6f 6e 2e 5f 5f 74 79 70 65 4e 61 6d 65 3d 22 46 75 6e 63 74 69 6f 6e 22 3b 46 75 6e 63 74 69 6f 6e 2e 5f 5f 63 6c 61 73 73 3d Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjax.jsFunction.__typeName="Function";Function.__class=
2024-04-23 20:28:22 UTC	12288	IN	Data Raw: 63 2c 61 2c 64 29 7b 76 61 72 20 62 3d 22 53 79 73 2e 41 72 67 75 6d 65 6e 74 4f 75 74 4f 66 52 61 6e 67 65 45 78 63 65 70 74 69 6f 6e 3a 20 22 2b 28 64 3f 64 3a 53 79 73 2e 52 65 73 2e 61 72 67 75 6d 65 6e 74 4f 75 74 4f 66 52 61 6e 67 65 29 3b 69 66 28 63 29 62 2b 3d 22 5c 6e 22 2b 53 74 72 69 6e 67 2e 66 6f 72 6d 61 74 28 53 79 73 2e 52 65 73 2e 70 61 72 61 6d 4e 61 6d 65 2c 63 29 3b 69 66 28 74 79 70 65 6f 66 20 61 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 61 21 3d 3d 6e 75 6c 6c 29 62 2b 3d 22 5c 6e 22 2b 53 74 72 69 6e 67 2e 66 6f 72 6d 61 74 28 53 79 73 2e 52 65 73 2e 61 63 74 75 61 6c 56 61 6c 75 65 2c 61 29 3b 76 61 72 20 65 3d 45 72 72 6f 72 2e 63 72 65 61 74 65 28 62 2c 7b 6e 61 6d 65 3a 22 53 79 73 2e 41 72 67 75 6d 65 6e 74 4f 75 74 4f Data Ascii: c,a,d){var b="Sys.ArgumentOutOfRangeException: "+(d?d:Sys.Res.argumentOutOfRange);if(c)b+="\n"+String.format(Sys.Res.paramName,c);if(typeof a!=="undefined"&&a!==null)b+="\n"+String.format(Sys.Res.actualValue,a);var e=Error.create(b,{name:"Sys.ArgumentOutO
2024-04-23 20:28:22 UTC	8192	IN	Data Raw: 70 72 6f 74 6f 74 79 70 65 3d 7b 5f 61 70 70 65 6e 64 43 6f 6e 73 6f 6c 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 74 79 70 65 6f 66 20 44 65 62 75 67 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 26 26 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 29 44 65 62 75 67 2e 77 72 69 74 65 6c 6e 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 26 26 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 29 77 69 6e 64 6f 77 2e 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 6f 70 65 72 61 29 77 69 6e 64 6f 77 2e 6f 70 65 72 61 2e 70 6f 73 74 45 72 72 6f 72 28 61 29 3b 69 66 28 77 69 6e 64 6f 77 2e 64 65 62 75 67 53 65 72 76 69 63 65 29 77 69 6e 64 6f 77 2e 64 65 62 75 67 53 65 72 76 69 63 65 2e 74 72 61 63 65 28 61 29 7d 2c Data Ascii: prototype={_appendConsole:function(a){if(typeof Debug!=="undefined"&&Debug.writeln)Debug.writeln(a);if(window.console&&window.console.log)window.console.log(a);if(window.opera)window.opera.postError(a);if(window.debugService)window.debugService.trace(a)},
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 28 61 3e 2d 31 26 26 61 3c 62 2e 6c 65 6e 67 74 68 29 7b 76 61 72 20 63 3d 62 5b 61 5d 3b 41 72 72 61 79 2e 72 65 6d 6f 76 65 41 74 28 62 2c 61 29 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 5f 63 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 62 2c 6e 65 77 20 53 79 73 2e 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 28 53 79 73 2e 4e 6f 74 69 66 79 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 64 41 63 74 69 6f 6e 2e 72 65 6d 6f 76 65 2c 6e 75 6c 6c 2c 2d 31 2c 5b 63 5d 2c 61 29 29 7d 7d 3b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 72 61 69 73 65 43 6f 6c 6c 65 63 74 69 6f 6e 43 68 61 6e 67 65 64 3d 66 75 6e 63 74 69 6f 6e 28 62 2c 61 29 7b 53 79 73 2e 4f 62 73 65 72 76 65 72 2e 72 61 69 73 65 45 76 65 6e 74 28 62 2c 22 63 6f 6c 6c 65 63 74 69 6f 6e 43 Data Ascii: (a>-1&&a<b.length){var c=b[a];Array.removeAt(b,a);Sys.Observer._collectionChange(b,new Sys.CollectionChange(Sys.NotifyCollectionChangedAction.remove,null,-1,[c],a))}};Sys.Observer.raiseCollectionChanged=function(b,a){Sys.Observer.raiseEvent(b,"collectionC
2024-04-23 20:28:22 UTC	8192	IN	Data Raw: 72 65 74 75 72 6e 20 41 72 72 61 79 2e 69 6e 64 65 78 4f 66 28 74 68 69 73 2e 5f 75 70 70 65 72 41 62 62 72 44 61 79 73 2c 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 61 29 29 7d 2c 5f 74 6f 55 70 70 65 72 41 72 72 61 79 3a 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 3b 66 6f 72 28 76 61 72 20 61 3d 30 2c 64 3d 63 2e 6c 65 6e 67 74 68 3b 61 3c 64 3b 61 2b 2b 29 62 5b 61 5d 3d 74 68 69 73 2e 5f 74 6f 55 70 70 65 72 28 63 5b 61 5d 29 3b 72 65 74 75 72 6e 20 62 7d 2c 5f 74 6f 55 70 70 65 72 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 2e 73 70 6c 69 74 28 22 5c 75 30 30 61 30 22 29 2e 6a 6f 69 6e 28 22 20 22 29 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 7d 7d 3b 53 79 73 2e 43 75 6c 74 75 72 65 49 6e 66 6f 2e 72 65 67 69 73 74 Data Ascii: return Array.indexOf(this._upperAbbrDays,this._toUpper(a))},_toUpperArray:function(c){var b=[];for(var a=0,d=c.length;a<d;a++)b[a]=this._toUpper(c[a]);return b},_toUpper:function(a){return a.split("\u00a0").join(" ").toUpperCase()}};Sys.CultureInfo.regist
2024-04-23 20:28:22 UTC	8192	IN	Data Raw: 46 69 72 65 46 6f 78 29 61 3d 61 2e 73 70 6c 69 74 28 62 29 2e 6a 6f 69 6e 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 65 73 63 61 70 65 43 68 61 72 73 5b 62 5d 29 3b 65 6c 73 65 20 61 3d 61 2e 72 65 70 6c 61 63 65 28 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 63 68 61 72 73 54 6f 45 73 63 61 70 65 52 65 67 45 78 73 5b 62 5d 2c 53 79 73 2e 53 65 72 69 61 6c 69 7a 61 74 69 6f 6e 2e 4a 61 76 61 53 63 72 69 70 74 53 65 72 69 61 6c 69 7a 65 72 2e 5f 65 73 63 61 70 65 43 68 61 72 73 5b 62 5d 29 7d 7d 63 2e 61 70 70 65 6e 64 28 61 29 3b 63 2e 61 70 70 65 6e 64 28 27 22 27 29 7d 3b 53 79 73 2e 53 65 72 69 61 Data Ascii: FireFox)a=a.split(b).join(Sys.Serialization.JavaScriptSerializer._escapeChars[b]);else a=a.replace(Sys.Serialization.JavaScriptSerializer._charsToEscapeRegExs[b],Sys.Serialization.JavaScriptSerializer._escapeChars[b])}}c.append(a);c.append('"')};Sys.Seria
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 61 2e 6f 66 66 73 65 74 58 3b 74 68 69 73 2e 6f 66 66 73 65 74 59 3d 61 2e 6f 66 66 73 65 74 59 7d 65 6c 73 65 20 69 66 28 74 68 69 73 2e 74 61 72 67 65 74 26 26 74 68 69 73 2e 74 61 72 67 65 74 2e 6e 6f 64 65 54 79 70 65 21 3d 3d 33 26 26 74 79 70 65 6f 66 20 61 2e 63 6c 69 65 6e 74 58 3d 3d 3d 22 6e 75 6d 62 65 72 22 29 7b 76 61 72 20 63 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 28 74 68 69 73 2e 74 61 72 67 65 74 29 2c 64 3d 53 79 73 2e 55 49 2e 44 6f 6d 45 6c 65 6d 65 6e 74 2e 5f 67 65 74 57 69 6e 64 6f 77 28 74 68 69 73 2e 74 61 72 67 65 74 29 3b 74 68 69 73 2e 6f 66 66 73 65 74 58 3d 28 64 2e 70 61 67 65 58 4f 66 66 73 65 74 7c 7c 30 29 2b 61 2e 63 6c 69 65 6e 74 58 2d 63 2e 78 3b 74 68 69 73 2e 6f 66 Data Ascii: a.offsetX;this.offsetY=a.offsetY}else if(this.target&&this.target.nodeType!==3&&typeof a.clientX==="number"){var c=Sys.UI.DomElement.getLocation(this.target),d=Sys.UI.DomElement._getWindow(this.target);this.offsetX=(d.pageXOffset\|\|0)+a.clientX-c.x;this.of
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 5f 6e 61 6d 65 29 72 65 74 75 72 6e 20 74 68 69 73 2e 5f 6e 61 6d 65 3b 76 61 72 20 61 3d 4f 62 6a 65 63 74 2e 67 65 74 54 79 70 65 4e 61 6d 65 28 74 68 69 73 29 2c 62 3d 61 2e 6c 61 73 74 49 6e 64 65 78 4f 66 28 22 2e 22 29 3b 69 66 28 62 21 3d 3d 2d 31 29 61 3d 61 2e 73 75 62 73 74 72 28 62 2b 31 29 3b 69 66 28 21 74 68 69 73 2e 67 65 74 5f 69 73 49 6e 69 74 69 61 6c 69 7a 65 64 28 29 29 74 68 69 73 2e 5f 6e 61 6d 65 3d 61 3b 72 65 74 75 72 6e 20 61 7d 2c 73 65 74 5f 6e 61 6d 65 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 6e 61 6d 65 3d 61 7d 2c 69 6e 69 74 69 61 6c 69 7a 65 3a 66 75 6e 63 74 69 6f 6e 28 29 7b 53 79 73 2e 55 49 2e 42 65 68 61 76 69 6f 72 2e 63 61 6c 6c 42 61 73 65 4d 65 Data Ascii: unction(){if(this._name)return this._name;var a=Object.getTypeName(this),b=a.lastIndexOf(".");if(b!==-1)a=a.substr(b+1);if(!this.get_isInitialized())this._name=a;return a},set_name:function(a){this._name=a},initialize:function(){Sys.UI.Behavior.callBaseMe
2024-04-23 20:28:22 UTC	13260	IN	Data Raw: 61 6c 6c 65 64 3d 66 61 6c 73 65 3b 74 68 69 73 2e 5f 74 69 6d 65 6f 75 74 3d 30 7d 3b 53 79 73 2e 4e 65 74 2e 57 65 62 52 65 71 75 65 73 74 2e 70 72 6f 74 6f 74 79 70 65 3d 7b 61 64 64 5f 63 6f 6d 70 6c 65 74 65 64 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 28 29 2e 61 64 64 48 61 6e 64 6c 65 72 28 22 63 6f 6d 70 6c 65 74 65 64 22 2c 61 29 7d 2c 72 65 6d 6f 76 65 5f 63 6f 6d 70 6c 65 74 65 64 3a 66 75 6e 63 74 69 6f 6e 28 61 29 7b 74 68 69 73 2e 5f 67 65 74 5f 65 76 65 6e 74 48 61 6e 64 6c 65 72 4c 69 73 74 28 29 2e 72 65 6d 6f 76 65 48 61 6e 64 6c 65 72 28 22 63 6f 6d 70 6c 65 74 65 64 22 2c 61 29 7d 2c 63 6f 6d 70 6c 65 74 65 64 3a 66 75 6e 63 74 69 6f 6e 28 62 29 7b 76 61 72 20 Data Ascii: alled=false;this._timeout=0};Sys.Net.WebRequest.prototype={add_completed:function(a){this._get_eventHandlerList().addHandler("completed",a)},remove_completed:function(a){this._get_eventHandlerList().removeHandler("completed",a)},completed:function(b){var

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	1135	OUT	GET /ScriptResource.axd?d=Jw6tUGWnA15YEa3ai3FadJaKr3VMEUCzTcVUg3yR_61yWBgJoleXt-5Wzlb_DbMqUsLvg1hc9B9Cbq075jVgMxR2b_4e3El0QfSbhYiSO0Zck-SkUtK5a0ahJ4I80fD0ivUmZ29GXEQmkrFUXLiggKgpiZLo68rZ0QbCQ6QY_s81&t=722fe453 HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:22 UTC	470	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: application/x-javascript; charset=utf-8 Content-Length: 40326 Connection: close Cache-Control: public Expires: Wed, 23 Apr 2025 20:28:22 GMT Last-Modified: Tue, 23 Apr 2024 20:28:22 GMT X-Frame-Options: SAMEORIGIN X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f56cb894fsdl45k3m180w6b0000000018000000000afnr X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:22 UTC	13530	IN	Data Raw: 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 2e 20 41 6c 6c 20 72 69 67 68 74 73 20 72 65 73 65 72 76 65 64 2e 0d 0a 2f 2f 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 0d 0a 2f 2f 20 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f 72 6d 73 2e 6a 73 0d 0a 54 79 70 65 2e 5f 72 65 67 69 73 74 65 72 53 63 72 69 70 74 28 22 4d 69 63 72 6f 73 6f 66 74 41 6a 61 78 57 65 62 46 6f Data Ascii: //----------------------------------------------------------// Copyright (C) Microsoft Corporation. All rights reserved.//----------------------------------------------------------// MicrosoftAjaxWebForms.jsType._registerScript("MicrosoftAjaxWebFo
2024-04-23 20:28:22 UTC	4096	IN	Data Raw: 2e 5f 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 43 6f 6e 74 72 6f 6c 49 44 73 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 43 6f 6e 74 72 6f 6c 43 6c 69 65 6e 74 49 44 73 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 70 6f 73 74 42 61 63 6b 43 6f 6e 74 72 6f 6c 49 44 73 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 70 6f 73 74 42 61 63 6b 43 6f 6e 74 72 6f 6c 43 6c 69 65 6e 74 49 44 73 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 61 73 79 6e 63 50 6f 73 74 42 61 63 6b 54 69 6d 65 6f 75 74 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 73 63 72 6f 6c 6c 50 6f 73 69 74 69 6f 6e 3d 6e 75 6c 6c 3b 74 68 69 73 2e 5f 61 63 74 69 76 65 45 6c 65 6d 65 6e 74 3d 6e 75 6c 6c 7d 2c 5f 64 6f 43 61 6c 6c 62 61 63 6b 3a 66 75 6e 63 74 69 6f 6e 28 64 2c 62 2c 63 2c 66 2c 61 2c 65 29 Data Ascii: ._asyncPostBackControlIDs=null;this._asyncPostBackControlClientIDs=null;this._postBackControlIDs=null;this._postBackControlClientIDs=null;this._asyncPostBackTimeout=null;this._scrollPosition=null;this._activeElement=null},_doCallback:function(d,b,c,f,a,e)
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 72 65 74 75 72 6e 20 66 61 6c 73 65 7d 7d 7d 72 65 74 75 72 6e 20 74 72 75 65 7d 2c 5f 67 65 74 50 61 67 65 4c 6f 61 64 65 64 45 76 65 6e 74 41 72 67 73 3a 66 75 6e 63 74 69 6f 6e 28 6e 2c 63 29 7b 76 61 72 20 6d 3d 5b 5d 2c 6c 3d 5b 5d 2c 6b 3d 63 3f 63 2e 76 65 72 73 69 6f 6e 34 3a 66 61 6c 73 65 2c 64 3d 63 3f 63 2e 75 70 64 61 74 65 50 61 6e 65 6c 44 61 74 61 3a 6e 75 6c 6c 2c 65 2c 67 2c 68 2c 62 3b 69 66 28 21 64 29 7b 65 3d 74 68 69 73 2e 5f 75 70 64 61 74 65 50 61 6e 65 6c 49 44 73 3b 67 3d 74 68 69 73 2e 5f 75 70 64 61 74 65 50 61 6e 65 6c 43 6c 69 65 6e 74 49 44 73 3b 68 3d 6e 75 6c 6c 3b 62 3d 6e 75 6c 6c 7d 65 6c 73 65 7b 65 3d 64 2e 75 70 64 61 74 65 50 61 6e 65 6c 49 44 73 3b 67 3d 64 2e 75 70 64 61 74 65 50 61 6e 65 6c 43 6c 69 65 6e 74 49 Data Ascii: return false}}}return true},_getPageLoadedEventArgs:function(n,c){var m=[],l=[],k=c?c.version4:false,d=c?c.updatePanelData:null,e,g,h,b;if(!d){e=this._updatePanelIDs;g=this._updatePanelClientIDs;h=null;b=null}else{e=d.updatePanelIDs;g=d.updatePanelClientI
2024-04-23 20:28:22 UTC	6316	IN	Data Raw: 6c 29 7d 2c 5f 73 63 72 69 70 74 49 6e 63 6c 75 64 65 73 4c 6f 61 64 46 61 69 6c 65 64 3a 66 75 6e 63 74 69 6f 6e 28 64 2c 63 2c 62 2c 61 29 7b 61 2e 73 63 72 69 70 74 73 46 61 69 6c 65 64 3d 7b 73 72 63 3a 63 2e 73 72 63 2c 6d 75 6c 74 69 70 6c 65 43 61 6c 6c 62 61 63 6b 73 3a 62 7d 3b 74 68 69 73 2e 5f 73 63 72 69 70 74 49 6e 63 6c 75 64 65 73 4c 6f 61 64 43 6f 6d 70 6c 65 74 65 28 64 2c 61 29 7d 2c 5f 73 63 72 69 70 74 73 4c 6f 61 64 43 6f 6d 70 6c 65 74 65 3a 66 75 6e 63 74 69 6f 6e 28 66 2c 63 29 7b 76 61 72 20 65 3d 63 2e 65 78 65 63 75 74 6f 72 3b 69 66 28 77 69 6e 64 6f 77 2e 5f 5f 74 68 65 46 6f 72 6d 50 6f 73 74 44 61 74 61 29 77 69 6e 64 6f 77 2e 5f 5f 74 68 65 46 6f 72 6d 50 6f 73 74 44 61 74 61 3d 22 22 3b 69 66 28 77 69 6e 64 6f 77 2e 5f 5f Data Ascii: l)},_scriptIncludesLoadFailed:function(d,c,b,a){a.scriptsFailed={src:c.src,multipleCallbacks:b};this._scriptIncludesLoadComplete(d,a)},_scriptsLoadComplete:function(f,c){var e=c.executor;if(window.__theFormPostData)window.__theFormPostData="";if(window.__

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	1018	OUT	GET /Osler/images/logos/logo.png HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:22 UTC	373	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: image/png Content-Length: 4052 Connection: close ETag: "09e76b69f86da1:0" Last-Modified: Thu, 04 Apr 2024 14:52:28 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f56cb894f7gqnz50s8mzsvyg000000014000000000mhh0 X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:22 UTC	4052	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 ad 00 00 00 31 08 06 00 00 00 a8 0b 29 7b 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 21 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 35 2e 35 2d 63 30 32 31 20 37 39 2e 31 35 34 39 31 31 2c 20 32 30 31 33 2f 31 30 2f 32 39 2d 31 31 3a 34 37 3a 31 36 20 20 Data Ascii: PNGIHDR1){tEXtSoftwareAdobe ImageReadyqe<!iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c021 79.154911, 2013/10/29-11:47:16

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:21 UTC	1077	OUT	GET /osler/media/Osler/Content/Images/Tile-700x350/Federal-Budget-2024-700x350.jpg?ext=.jpg HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:22 UTC	377	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: image/jpeg Content-Length: 249722 Connection: close ETag: "41919cb18390da1:0" Last-Modified: Wed, 17 Apr 2024 04:57:05 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202821Z-16f56cb894f4hxjjs88cmwhuqs00000001dg000000000mnz X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:22 UTC	13619	IN	Data Raw: ff d8 ff e2 0c 58 49 43 43 5f 50 52 4f 46 49 4c 45 00 01 01 00 00 0c 48 4c 69 6e 6f 02 10 00 00 6d 6e 74 72 52 47 42 20 58 59 5a 20 07 ce 00 02 00 09 00 06 00 31 00 00 61 63 73 70 4d 53 46 54 00 00 00 00 49 45 43 20 73 52 47 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f6 d6 00 01 00 00 00 00 d3 2d 48 50 20 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 11 63 70 72 74 00 00 01 50 00 00 00 33 64 65 73 63 00 00 01 84 00 00 00 6c 77 74 70 74 00 00 01 f0 00 00 00 14 62 6b 70 74 00 00 02 04 00 00 00 14 72 58 59 5a 00 00 02 18 00 00 00 14 67 58 59 5a 00 00 02 2c 00 00 00 14 62 58 59 5a 00 00 02 40 00 00 00 14 64 6d 6e 64 00 00 02 54 00 00 00 70 64 6d 64 64 00 00 02 Data Ascii: XICC_PROFILEHLinomntrRGB XYZ 1acspMSFTIEC sRGB-HP cprtP3desclwtptbkptrXYZgXYZ,bXYZ@dmndTpdmdd
2024-04-23 20:28:22 UTC	4096	IN	Data Raw: e1 ae 51 19 93 13 29 68 fd 36 38 5e 68 e4 81 5e 19 7c a9 93 57 de d3 d7 6d 04 06 02 ce 95 f2 a9 9a 8f 7e 67 e2 2c 92 55 96 47 51 c5 6c 10 12 6d 6e 11 52 9a fa 07 62 d5 b9 0f f2 e1 15 17 b7 70 29 d1 f4 9c d9 04 32 c6 20 37 aa 85 24 47 03 48 89 e8 26 35 2f 9b f7 87 89 64 eb 7a ad fe cd 25 b8 66 ee d9 c5 e7 e5 b6 e7 65 d6 ec 51 27 9b ba a4 d4 ee 2d f5 c3 9f 3d 72 d8 71 9b a6 fb c7 1c 2d 94 12 70 5d 01 a6 97 37 b7 3d 6f 9b 16 cd 56 69 7a 3a 73 28 8d 69 36 dd 69 c9 f6 ea a2 7e b2 43 ef c4 7d fc c1 66 3f 2c 43 d5 68 7c b1 8b 85 99 37 5a 9e 50 8a c7 62 2a 3f 35 3a db 1e 8b 44 f2 32 35 55 ea ee d5 6b 2e cf ee e6 9e b9 a4 e5 d9 b2 af e3 bd 72 68 9b c3 07 6f 83 cb 3a 34 73 ed 13 98 78 73 d7 77 64 2f 63 d2 2d f4 d5 79 12 b1 87 76 44 14 a4 47 dd 37 ab 9b b8 81 42 a7 Data Ascii: Q)h68^h^\|Wm~g,UGQlmnRbp)2 7$GH&5/dz%feQ'-=rq-p]7=oViz:s(i6i~C}f?,Ch\|7ZPb*?5:D25Uk.rho:4sxswd/c-yvDG7B
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 3c 55 e7 94 f0 e2 f8 53 15 79 fe 55 57 c7 3b c9 95 36 1e 22 47 39 53 1e 72 12 37 4f 6f 3e 5c 64 8f e1 1f f9 57 27 0c bf 82 4b f1 c2 3d 53 85 2a 39 0a 4e 4c 7a 38 6d 95 f1 19 b2 d7 ca 4c 5f 36 d3 95 cf 8f 31 de 81 95 e5 ad 96 d6 34 73 16 6c bb 3b 34 8e 2a 18 0e 44 63 bd 78 c2 fe 58 f5 4e 31 ee 7b a3 a7 e4 4a aa a3 54 f0 8b e7 8d 72 a7 11 51 50 6e fc f3 f1 c2 18 60 16 fe dd 00 cc f3 20 65 21 bd 0b 00 8f 6c c0 35 43 43 91 25 55 c9 0b ef c5 3a 22 e4 25 12 cc f7 17 b3 91 51 ce 5f cd 67 c8 b1 6c 2b dc ae 88 36 c8 29 86 e5 72 0d 55 6e 18 e7 4b f2 e3 f1 e3 73 1e 88 bc 85 21 f1 9c 22 16 1b 8a 80 91 1e 2b 8d 1a 67 f5 2e 97 6f 2b 1c b0 9a 57 63 61 63 5f 02 74 56 18 70 26 3a 4d 33 5a 24 30 dd 1a 24 c7 08 b7 91 c6 c3 b8 88 29 40 3b 91 6c 82 d4 33 06 a8 d0 bd a6 ad af Data Ascii: <USyUW;6"G9Sr7Oo>\dW'K=S9NLz8mL_614sl;4DcxXN1{JTrQPn` e!l5CC%U:"%Q_gl+6)rUnKs!"+g.o+Wcac_tVp&:M3Z$0$)@;l3
2024-04-23 20:28:22 UTC	8192	IN	Data Raw: b7 c1 61 e3 12 1c f7 b9 b6 36 5f a8 2c f4 c9 38 87 ca 6e 6b 09 66 d0 4d 25 cc 71 cb a5 d7 b8 9d 99 24 ee dc 20 fa c7 6d 99 fe 1a 72 af 97 97 db 8a ef c2 3b cf 1c 46 b7 94 97 87 a0 bf b6 70 67 57 c7 20 e5 21 da 8f 5d ed 82 ba fb 17 47 2a a3 fd 97 8d 6f aa 3f c2 b7 8a e5 4e 54 bb ff 00 cf fe 1e 8e 55 5e 4b ac 3c 13 31 ae 5e 0d ee 0c 26 cd 72 28 e6 14 8e a5 96 d5 02 22 b4 96 11 19 30 45 bc 2d 34 71 15 1e 02 c3 1d 90 48 69 9e 1a e4 4e 22 ab 91 c3 6f c4 80 72 71 c2 90 af f8 86 e1 24 19 64 6a 18 82 67 ab 1c f0 4f 3c 51 8b 24 49 a9 09 05 fa 44 62 ff 00 63 23 c3 1f 50 57 7c ef 22 a2 cb 37 cc ce db 52 40 b3 8c ac f5 47 8f d5 57 ca f1 7c a2 7f 9e 31 89 cf ca 71 11 5d cd 19 8d b3 03 d3 fa 23 13 91 87 9b 22 fd b7 56 8c 04 03 71 c7 f9 b8 b9 9e 19 0e 98 a8 a7 79 9e 50 Data Ascii: a6_,8nkfM%q$ mr;FpgW !]G*o?NTU^K<1^&r("0E-4qHiN"orq$djgO<Q$IDbc#PW\|"7R@GW\|1q]#"VqyP
2024-04-23 20:28:22 UTC	8192	IN	Data Raw: 09 f2 9d 17 83 7a 2b 76 5e b4 7e 49 94 33 4f c5 11 1f ac 68 85 c5 d7 74 a2 59 58 55 3f c7 6b 8a 49 86 b5 02 8c 49 45 f7 72 78 ff 00 9c 50 65 cb 43 45 8e 1e 0d a6 91 c4 02 31 bf c9 88 28 ee 7b 45 1d c8 bd 70 ca d4 6f de 18 80 f2 6c 6c 31 dc d4 64 24 54 04 44 44 fd 61 f8 eb ce b9 97 b3 37 27 5e f0 0d 75 d7 5c 1a 05 4a dd 2b e6 fe a8 e4 62 79 0d 92 66 f3 f1 ea 67 c0 95 69 71 3b e7 a4 c8 20 76 3e 5c 3b 7d fa 1f 0c 6f e5 57 52 e5 56 9f bc f1 42 b1 04 de b1 e1 fb b6 be bc 37 50 40 47 2b 5a aa d6 27 96 fc 91 e5 a1 18 f4 32 b5 88 d4 57 a3 90 4c 6b db 1c 25 47 a3 0c aa aa 51 31 ee 88 c2 2a 7e e0 b8 c3 b1 49 38 6b 2e 2b 5c ff 00 1e 15 55 5d e1 b4 6d 1b a3 fc 03 6b 09 0e 3a f1 f4 a0 33 cf 48 24 1a d9 10 cf 92 67 c6 8f 42 af 1d 71 0b eb 0a 3a a9 0f 1c c5 c7 55 d9 ce Data Ascii: z+v^~I3OhtYXU?kIIErxPeCE1({Epoll1d$TDDa7'^u\J+byfgiq; v>\;}oWRVB7P@G+Z'2WLk%GQ1*~I8k.+\U]mk:3H$gBq:U
2024-04-23 20:28:22 UTC	8192	IN	Data Raw: c3 95 aa ab e3 86 6f 94 c0 32 83 61 39 af 66 f5 d5 7e eb d0 fd be d0 b2 3a f9 b5 61 99 44 fd 6f 97 5c e2 39 0e 85 da f5 3b cb 55 28 17 9f 07 3e 12 71 e3 72 72 d9 aa 90 7d 57 db 76 68 ca fc ea a9 b1 b3 ea 78 c6 88 af 16 5d 26 e7 11 c6 e1 6d 3c b0 4b 07 69 e5 d7 0e eb 16 dc c4 76 46 29 95 e5 56 8e b5 df 7b 7f 0d fa f0 d2 36 07 b3 97 27 5e 67 d9 6e a8 cb b4 86 f2 d5 dd b9 c4 b2 8b 2c 1b 5d 5a 12 83 57 6c 86 bb 49 5c e3 e7 71 f7 05 33 6c ac 75 3d c1 5d a6 e0 d8 45 9b 85 e6 34 cd 1b 62 c3 76 39 5f 2e c1 45 8c 41 bf 6b ba d9 ad 71 d8 5b 53 43 e7 58 4b 6f 70 cc b7 1d c7 6c 23 e2 94 cd 1d ad 44 ab 5d 33 b1 23 61 f2 b2 bd f7 ac 29 e1 d5 ec 4c 57 63 65 1f 51 f7 b8 e6 3d f5 bd ba 23 6a 3e c0 e1 19 7c 3a 9a d9 96 61 31 4e 95 a7 5e 45 12 04 7f 23 88 b1 5a e7 12 34 67 Data Ascii: o2a9f~:aDo\9;U(>qrr}Wvhx]&m<KivF)V{6'^gn,]ZWlI\q3lu=]E4bv9_.EAkq[SCXKopl#D]3#a)LWceQ=#j>\|:a1N^E#Z4g
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 45 c7 eb 85 f6 21 92 b2 1e 33 de 78 85 ec 76 39 b8 c3 57 89 c9 25 8d 7c c3 21 03 bc b1 c5 15 6f fd 19 87 ff 00 de 64 86 76 95 18 f1 48 bd a3 8a 6e 64 3a 44 2e b3 65 f6 c3 c6 64 60 9b 73 12 c8 4f 49 90 a0 15 b7 55 12 50 04 07 ee 56 e6 53 a3 42 a1 c8 aa a7 bf b2 e6 a5 c4 f7 61 36 0d 64 77 9b 62 bb d0 1b 32 cd c4 d6 9b 4b 2d 15 98 76 06 3e e4 4c 8f 0d b0 74 74 89 20 13 23 e5 32 22 6e 18 fa ee d3 ae 97 12 43 13 45 75 96 35 7c 5c 67 b0 db 0f 36 dd b9 37 4e fa b1 9f 76 cf 39 fb 48 dc 3b 13 59 ea 1c eb b2 59 ae 69 a1 3a 79 a9 b6 2e 1f d0 60 db 64 6e bf e9 ce 0b b3 71 cf a7 5d ef 85 e4 ba 17 e9 f7 a8 59 86 63 9e f5 f1 83 55 e4 18 3f ba eb e9 59 04 3d d7 3b 1c b0 c8 6a d5 d9 76 2b 71 f5 72 92 2e b4 6e e4 a8 b2 d6 dd 0b d5 18 f4 dc 0b 77 e0 fd 5e d3 5a 8b 57 ef 28 Data Ascii: E!3xv9W%\|!odvHnd:D.ed`sOIUPVSBa6dwb2K-v>Ltt #2"nCEu5\|\g67Nv9H;YYi:y.`dnq]YcU?Y=;jv+qr.nw^ZW(
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: ca 35 08 0a 2d 91 14 a3 7e 54 7f 61 a6 3c ef db 72 1a 9a 48 b9 c3 1b 65 52 36 76 23 1c 49 0e 1f 49 fb 0f 51 bd 33 9a ef 23 25 80 a4 6c 01 4c 8f 3f 48 43 d7 f3 39 54 9b bd c8 0e e6 f3 e2 0a e9 68 18 34 70 6b 47 79 38 e3 48 f2 7c c0 4a 94 c4 e3 ef a7 32 46 fe 59 38 1c fe c2 32 22 e2 8e e2 07 ab 3b ed d4 f4 4b 1c 88 45 c9 0a 81 e6 40 ff 00 12 78 9a ec 5a eb 03 73 8b 78 38 a5 ac 6f 5e 67 88 14 b1 c8 f6 11 6a d1 34 6d 7d f1 22 fe d0 84 7b 69 1a d7 46 47 0b f4 f6 d2 b5 ec 90 7b 0f bd 0f b2 92 46 b9 88 b7 45 a2 e6 96 b9 c3 0c bd dd 55 bb 73 a2 d2 4b 06 58 9d 43 ec a7 ab 54 11 8a 7c 38 1a f3 18 ad 95 a8 55 aa 09 1f 88 b8 83 8e 09 86 06 9f 04 1b c6 33 6f 1a b5 ae 91 0e b7 36 ee 24 90 7c 28 a9 96 57 26 bf 4f bd db 18 e6 60 f1 bd a9 a0 27 e2 23 20 7b c5 32 1d 86 f1 Data Ascii: 5-~Ta<rHeR6v#IIQ3#%lL?HC9Th4pkGy8H\|J2FY82";KE@xZsx8o^gj4m}"{iFG{FEUsKXCT\|8U3o6$\|(W&O`'# {2
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 3d b3 84 32 16 b1 f3 b5 da a5 77 84 82 48 79 11 a8 2a 0c 76 23 3d 86 e3 99 ef df b8 e7 5b 49 64 82 77 bc 82 f2 5a e2 e8 dc ec 15 62 73 02 e6 41 cc 1f e1 ba 8c 06 bb 4f 2e da 02 09 2d fc 0e 70 f1 04 36 ba 69 c1 54 d7 3f 8e 5d a7 96 ac 88 0d 2f 24 9f 32 50 01 53 64 29 82 2f f5 22 d6 d7 69 b6 db be 47 03 18 3f 4a 34 06 82 e7 3b 50 ea 40 97 53 8a 56 cf 6d 23 59 ad d2 87 28 70 50 0d 85 85 9c 38 67 ec ad ba 4c d6 44 35 29 2f 00 92 85 a8 1a aa e0 05 f0 38 a7 6c 0c 0e 6b dc 1e 14 b4 92 a4 9b 5c 20 37 38 9e f3 4d 73 e4 69 94 46 e5 28 8e 73 4a 69 0f ff 00 08 e0 4d 3d 4d ac 2f 9d 46 98 69 c2 a3 23 fa 6b 7e 98 1d f3 ff 00 fa 51 51 fe 0a 69 05 25 20 c6 b1 a4 07 3a 45 a3 7a 77 2f f5 7f 26 64 cf 0d 46 4a d3 a2 78 d7 fa 25 6f 89 3f b4 ab 4e 6d ad c4 fe 88 f5 ec 0c da 3b Data Ascii: =2wHy*v#=[IdwZbsAO.-p6iT?]/$2PSd)/"iG?J4;P@SVm#Y(pP8gLD5)/8lk\ 78MsiF(sJiM=M/Fi#k~QQi% :Ezw/&dFJx%o?Nm;
2024-04-23 20:28:22 UTC	9216	IN	Data Raw: 3e 5b 4a 6a d2 41 03 b7 31 95 3a 48 4e a6 62 a3 0e 83 ae f5 85 fa 67 d3 ae 8f 96 14 66 3e ca 31 09 40 e7 bb 66 78 5c 4a 19 98 30 0e e2 40 08 1c 30 44 2a 2a 4d 8e e9 a5 92 b5 c8 e8 dd 62 d3 d3 0c 88 b8 af 57 fe de c9 14 7f f9 a1 91 1d df 29 99 c2 f0 f3 18 1a e7 44 8e 3f 4c 7b 81 ab 6d 37 f6 4a 4a 2b 42 73 0e 51 cc f6 af 83 99 6d 67 7c 52 c6 e0 43 d9 24 6e 2c 91 8e 06 e1 cd 78 20 8c 88 a5 25 49 a2 3f 0d 01 92 74 e9 ef a2 4d 64 95 81 d3 4a a8 2a c7 c3 5c 8e 66 bb c1 16 fe 78 5c b8 06 bc 31 f6 e3 77 2f 55 79 60 82 08 c1 2c 5b 81 ee 20 df 8d 73 0d 9c 0c 4e 5d 31 f3 61 24 7e 07 fe 11 97 80 ab 7b 2a e0 f6 51 37 cb f9 76 56 26 b9 74 7b 8e 63 36 e7 d3 4c 8d d0 b5 c5 64 9f 68 c9 10 38 c4 1c 40 7b 1a 8b e5 38 87 00 be 5b 9a a5 a7 6a 37 bc fb 69 16 fe 58 c4 62 5d 6d Data Ascii: >[JjA1:HNbgf>1@fx\J0@0D*MbW)D?L{m7JJ+BsQmg\|RC$n,x %I?tMdJ\fx\1w/Uy`,[ sN]1a$~{*Q7vV&t{c6Ldh8@{8[j7iXb]m

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:22 UTC	593	OUT	GET /cookieconsentpub/v1/geo/location HTTP/1.1 Host: geolocation.onetrust.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" accept: application/json sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://www.osler.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://www.osler.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:28:22 UTC	370	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: application/json Content-Length: 68 Connection: close Access-Control-Allow-Origin: * Access-Control-Allow-Headers: Content-Type Access-Control-Allow-Methods: GET, OPTIONS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Server: cloudflare CF-RAY: 8790997fad891d72-ATL
2024-04-23 20:28:22 UTC	68	IN	Data Raw: 7b 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 73 74 61 74 65 22 3a 22 47 41 22 2c 22 73 74 61 74 65 4e 61 6d 65 22 3a 22 47 65 6f 72 67 69 61 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 41 22 7d Data Ascii: {"country":"US","state":"GA","stateName":"Georgia","continent":"NA"}

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:22 UTC	1027	OUT	GET /Osler/fonts/celeste-sans/CelesteSansWeb.woff HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.osler.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://www.osler.com/Osler/css/styles.min.css?v=11.0.4 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:22 UTC	388	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: application/x-font-woff Content-Length: 38948 Connection: close ETag: "09e76b69f86da1:0" Last-Modified: Thu, 04 Apr 2024 14:52:28 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202822Z-16f56cb894fkhtg8srtqvg1hnw00000001f00000000078zd X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:22 UTC	15892	IN	Data Raw: 77 4f 46 46 00 01 00 00 00 00 98 24 00 14 00 00 00 01 66 04 00 07 01 f8 00 00 96 70 00 00 01 93 00 00 03 dc 00 00 98 04 00 00 00 20 44 53 49 47 00 00 88 c8 00 00 0d a8 00 00 15 84 e6 dc 46 eb 47 50 4f 53 00 00 85 b0 00 00 02 9f 00 00 04 6c bd f0 f2 ac 47 53 55 42 00 00 88 50 00 00 00 76 00 00 00 a4 7c 8f 8d 0b 4c 54 53 48 00 00 05 64 00 00 00 77 00 00 01 3c 78 18 78 8a 4f 53 2f 32 00 00 02 38 00 00 00 59 00 00 00 60 80 7b 55 32 56 44 4d 58 00 00 05 dc 00 00 03 7e 00 00 0b ba e6 94 d0 e3 63 6d 61 70 00 00 14 a8 00 00 02 bb 00 00 03 de 12 57 8b 95 63 76 74 20 00 00 18 cc 00 00 00 24 00 00 00 24 08 47 01 0d 66 70 67 6d 00 00 17 64 00 00 01 02 00 00 01 73 06 59 9c 37 67 61 73 70 00 00 85 a0 00 00 00 10 00 00 00 10 00 67 00 0a 67 6c 79 66 00 00 1b 64 00 00 64 Data Ascii: wOFF$fp DSIGFGPOSlGSUBPv\|LTSHdw<xxOS/28Y`{U2VDMX~cmapWcvt $$GfpgmdsY7gaspgglyfdd
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: e1 f0 2f c1 5e 86 8c 8b ce d5 09 dc cf 70 c3 00 68 a4 37 d7 ad 8f 81 3b 2e 7c c3 05 ee b8 c0 1d 17 b8 e3 02 77 5c 60 b1 0b 2c 76 81 c5 2e b0 d8 05 16 53 97 d3 05 16 bb c0 62 17 58 ec e2 ec 47 11 aa c8 ab fa 74 0d 48 31 4a 11 82 80 ef 9d 1a 6f b2 9e 6c cf 46 75 bb 74 ee 74 34 54 4a b8 77 ed 22 d7 eb c3 21 4f a4 ba 20 21 62 f2 84 27 a2 76 9a 96 f2 13 0c 5b ce 41 c6 cf 87 f8 77 a2 df 76 2e 3f 38 bf 3e e4 69 59 e8 03 8b b2 e7 7f 20 41 51 80 e5 7b 28 ea f1 46 a3 00 c1 f9 7b f8 ab 3c d1 a8 c7 13 8b 9d 7a 0d 79 b4 bb 95 be c3 b6 6c e4 1e 65 ef 08 ac 7c 87 42 ba 21 25 6a 18 7a 87 9a d5 ea 6c 3c aa be ca e2 4f 97 bd 11 7b d8 67 db d5 7f e7 54 a2 5d 88 59 92 d6 70 aa 1c 27 3f 52 78 fc 39 0c d6 c6 5d ce 8d ab 0a 30 c4 e3 a1 39 91 fe d8 69 0e 2a c6 a4 c4 a7 ea 9d 4d Data Ascii: /^ph7;.\|w\`,v.SbXGtH1JolFutt4TJw"!O !b'v[Awv.?8>iY AQ{(F{<zyle\|B!%jzl<O{gT]Yp'?Rx9]09i*M
2024-04-23 20:28:22 UTC	6672	IN	Data Raw: 49 9c dd 88 ab 37 a2 7b 30 61 79 af 02 3a 26 01 60 12 d0 31 09 f0 7f 73 a0 36 68 0b 74 1b e8 1e d0 83 a0 47 40 97 40 97 41 57 41 cf 81 be 07 7a 15 f4 2b 90 86 c9 fe 8d 30 5d ee 19 ad 59 df 67 3b 5b a1 0d f0 b9 72 64 ce 6f 59 0a 2d a7 18 5f a9 72 76 84 b3 ee 60 d8 56 9c 57 38 1f bb 27 e9 c3 3d 5e fe 10 bc 4c 90 5f 90 e1 c8 ff 3e 2f b5 83 1a d2 68 10 fe 9e a3 34 87 1c 99 1b 64 6e 98 e7 2b d3 58 69 00 2b df b8 7c 65 8e 03 1b 61 e2 6d e5 89 6e 18 aa 2e 20 2a b1 6d e3 61 09 1e 92 f1 96 3b 45 ff c6 5b e1 dc 84 c4 f6 d8 2c 37 03 67 ce 08 f7 5a 9d 7d 09 ed f1 d8 32 63 bb 7e 8b ae 5b 5e 07 5f 4b 64 99 26 c9 70 a6 ed 43 e2 03 f6 70 76 4f e2 c4 25 76 63 e9 30 39 1e 4c 4a c5 6f 14 d8 8d 82 7a 63 6e 8f 60 33 9b 50 cf ed 97 d4 51 49 02 95 a4 8e 4a 92 57 99 9a 03 b5 41 Data Ascii: I7{0ay:&`1s6htG@@AWAz+0]Yg;[rdoY-_rv`VW8'=^L_>/h4dn+Xi+\|eamn. *ma;E[,7gZ}2c~[^_Kd&pCpvO%vc09LJozcn`3PQIJWA

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:22 UTC	1072	OUT	GET /osler/media/Osler/Content/Images/Tile-300x300/300x300-Elizabeth-Sale.png?ext=.png HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://www.osler.com/en/home Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:22 UTC	375	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: image/png Content-Length: 157684 Connection: close ETag: "14ccce10f90da1:0" Last-Modified: Tue, 16 Apr 2024 15:02:14 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202822Z-16f56cb894f659cp1btp5a7rgc00000001g0000000000qf1 X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:22 UTC	15905	IN	Data Raw: 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 01 2c 00 00 01 2c 08 02 00 00 00 f6 1f 19 22 00 00 00 19 74 45 58 74 53 6f 66 74 77 61 72 65 00 41 64 6f 62 65 20 49 6d 61 67 65 52 65 61 64 79 71 c9 65 3c 00 00 03 26 69 54 58 74 58 4d 4c 3a 63 6f 6d 2e 61 64 6f 62 65 2e 78 6d 70 00 00 00 00 00 3c 3f 78 70 61 63 6b 65 74 20 62 65 67 69 6e 3d 22 ef bb bf 22 20 69 64 3d 22 57 35 4d 30 4d 70 43 65 68 69 48 7a 72 65 53 7a 4e 54 63 7a 6b 63 39 64 22 3f 3e 20 3c 78 3a 78 6d 70 6d 65 74 61 20 78 6d 6c 6e 73 3a 78 3d 22 61 64 6f 62 65 3a 6e 73 3a 6d 65 74 61 2f 22 20 78 3a 78 6d 70 74 6b 3d 22 41 64 6f 62 65 20 58 4d 50 20 43 6f 72 65 20 39 2e 31 2d 63 30 30 32 20 37 39 2e 66 33 35 34 65 66 63 37 30 2c 20 32 30 32 33 2f 31 31 2f 30 39 2d 31 32 3a 30 35 3a 35 Data Ascii: PNGIHDR,,"tEXtSoftwareAdobe ImageReadyqe<&iTXtXML:com.adobe.xmp<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 9.1-c002 79.f354efc70, 2023/11/09-12:05:5
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: a1 72 d0 51 62 50 10 dd 91 2a 72 92 58 ab 2d c5 d3 90 5f 89 55 50 b9 b3 16 83 3e c9 01 45 b1 d1 04 e4 da 2d ba 5a 33 72 85 b5 e2 1f 36 5d 02 0e aa d4 5c a0 7b df a1 f0 12 0d f2 bc 43 48 c3 cf ac ad 20 b2 84 d0 7e 9b 78 df c8 65 d1 5b 48 78 7b 37 d1 43 fc 4e 8c 70 42 bf 95 26 06 55 48 26 c7 a8 0b 94 bc 40 0e 07 ad b6 11 a2 83 10 aa 31 4d c4 94 41 d5 6c 42 a0 52 d0 d4 f4 a6 85 3a 94 2d ab a2 b6 43 54 13 19 86 40 5a a7 83 bb 59 22 17 c1 c8 bb 60 20 5b 54 47 19 00 b1 d3 ca 1b f4 39 13 02 ad 5a d0 c9 15 c0 56 b1 05 bd 5d 80 1e 31 92 2d d9 47 c0 69 93 2b 17 ee 60 24 a8 0d fa 8e 19 aa ee 46 8a b1 16 cb 83 d2 b2 c0 17 b2 a5 b3 f9 6c 17 e2 97 5f bf a5 d8 7e f5 fa ed 2f 3e fb bb 6a b3 a9 42 5e d8 aa b1 f9 56 76 a0 50 03 ba 4a 59 fe ed 6f 7e e7 d7 be fd f1 c7 f2 c5 Data Ascii: rQbP*rX-_UP>E-Z3r6]\{CH ~xe[Hx{7CNpB&UH&@1MAlBR:-CT@ZY"` [TG9ZV]1-Gi+`$Fl_~/>jB^VvPJYo~
2024-04-23 20:28:22 UTC	12288	IN	Data Raw: f0 f9 7d 8f 66 b1 e2 ce be 28 f0 54 03 ce cd e5 19 1b 4e 27 74 c6 d6 3c ba c3 88 16 6d 4c 24 c0 01 1b 7d 41 03 a0 82 5c 5a 48 7a ae e3 56 50 c9 31 15 00 ba d8 cd 9f 25 d8 a6 28 4a 8c ad e8 75 98 bb c4 13 42 28 97 ca 78 74 7c b2 a2 87 12 ea de 2c d2 84 4e 20 34 f6 59 de 93 ef 87 9c d5 d6 14 9b 49 78 0b 9d 0b 94 17 8e 2d 60 e8 b9 b4 2c 8d 4a c1 0e 01 0b 2c cb e3 07 c1 1b 4f 78 0f 12 b3 40 78 ad 19 2a 53 bd a3 a8 cd 94 b2 41 ee c7 11 68 4e 65 d1 5b 37 4d dd 34 5d 53 52 db 6c 28 10 aa b4 ec 36 37 df 3c ff 63 95 65 fd d0 2d 18 93 df f4 ee f0 68 a5 08 b1 4b bf 71 ce ec c7 03 aa 85 a8 3e b6 76 47 9f db c1 3c 18 7e 51 fb 7d 69 d0 40 d6 54 61 2a 71 b6 3a c8 96 a5 6b bb 9b ce 37 ce ff 24 17 9f d7 f9 51 61 0e 0e 4f 16 ab 35 58 3c ce d2 1b d3 b9 e6 61 90 d0 59 11 58 Data Ascii: }f(TN't<mL$}A\ZHzVP1%(JuB(xt\|,N 4YIx-`,J,Ox@xSAhNe[7M4]SRl(67<ce-hKq>vG<~Q}i@Taq:k7$QaO5X<aYX
2024-04-23 20:28:22 UTC	4096	IN	Data Raw: 93 15 4f e2 54 bc 27 c8 1f a4 9d 10 5f 13 e3 fd 22 27 83 e0 84 19 cb 59 15 79 ca 4d b6 de 36 a3 39 44 fc e5 cb 17 9f 3e 7a f2 42 d9 27 ad de 77 94 8b ea d6 d1 19 c1 0c 46 9d f0 f7 de ff da e6 b3 67 57 bb 5d c6 d9 be b7 ab 61 9f e7 79 05 15 0d 3e d5 71 6f 5a 93 88 d6 8a 81 f2 3c e3 6a fa 3f 81 17 6d 65 ca 6e 7a 33 f7 04 27 d8 18 b1 49 df ba 6a f6 62 d5 ad af ae 2e cf 96 32 8a 97 e4 13 d2 bc 57 8a 87 ce 61 18 52 44 51 20 20 a0 cf 4f fc af 46 9b 57 33 63 9f 57 54 d9 e7 15 ca 5f 34 ee 7f 69 fd e9 55 cb fe f3 c8 c7 7e 25 ac bd 1a c8 be 35 e2 b0 48 75 dc f8 bf 5d f6 f7 af ba 8b b7 b3 e0 c7 59 50 17 de 87 bd b2 f0 5f 9e da 01 45 28 8b 8e ab 0b 9f cf c0 e1 e2 28 82 81 fc 0e 74 4d 84 d6 75 12 18 03 c9 61 e3 88 fb a8 a4 53 1a 87 81 d1 28 f0 11 86 9e 47 ca 08 6c f9 Data Ascii: OT'_"'YyM69D>zB'wFgW]ay>qoZ<j?menz3'Ijb.2WaRDQ OFW3cWT_4iU~%5Hu]YP_E((tMuaS(Gl
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: cf 38 46 40 c5 f5 b3 ab 3f f8 b5 77 df a8 93 1f 3c 79 96 c1 19 c6 8f ae d7 ed 30 fe da 9d 89 57 dd cb 56 a5 19 db ec 21 b8 06 c1 e6 38 60 29 24 83 58 02 ed 40 cf ec 6b 8b e1 ac 0d 3d fa 32 3f 61 91 ee a0 cb 93 8a b8 c0 e8 2a a7 a4 74 d7 1f 26 f3 f9 62 79 66 ac a5 a8 4b 3e a2 ed 47 2c 9e 48 86 a2 12 0f b4 d0 a8 96 23 19 a3 d3 4f 4f 73 30 3e 88 2a 04 35 a1 db 65 22 04 46 0b b5 59 ec 79 63 18 c1 46 61 63 38 0e 55 96 a3 6c c9 51 3a c8 fb 57 92 2d c7 09 52 7a 22 94 3a 60 bc 11 63 83 48 8b e2 57 29 27 e4 37 79 9c 4b 2c b8 b5 a3 51 58 58 88 27 60 04 8c 1b 65 06 74 11 e2 0c a2 f3 a0 79 a1 34 8d 82 db 61 f0 bd 86 cd 55 68 cc 32 ca f5 f7 0a 62 3c 58 ae 51 64 b8 e0 25 c3 88 a6 8f 6d 89 2d 05 b9 75 be 40 b5 c6 d7 68 b8 f3 83 21 8f 15 55 a1 d1 de fb 68 8e f1 85 40 78 Data Ascii: 8F@?w<y0WV!8`)$X@k=2?at&byfK>G,H#OOs0>5e"FYycFac8UlQ:W-Rz":`cHW)'7yK,QXX'`ety4aUh2b<XQd%m-u@h!Uh@x
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: bd f7 3f ac 6a 20 bf 7c 18 4f 0f 1f ff e8 e9 d2 8a 92 04 ff ee 38 7d dc 77 ab f5 ba 6d 5a 4e 00 1e 47 ad 4d a2 6f 5f 1c 07 4a a9 0f 15 53 5e 17 52 5d 3f 75 a6 af b9 61 b0 c1 27 a6 c0 ab d0 10 32 c5 30 ce ae 64 a5 45 d1 78 42 62 d4 5e 12 7d 5b 6a 22 ca 4c 5e 37 91 c2 3f 49 85 aa c4 b0 96 06 72 52 04 fa 44 a6 c8 91 cf 39 11 ab b2 12 4b 84 aa 3e 0d f1 90 39 0a 9f 26 2e 93 93 3f f9 8b 5f c1 5b af 64 5a e0 93 d9 7a 89 6d 96 9f c8 4d 9f 95 ec 3a 33 80 2a a2 22 02 04 9f 09 93 ea b7 b8 e4 2e 20 bb 51 3a 2d 84 84 5c 39 11 ea 40 9a 60 24 0d 38 71 55 9a 85 c7 77 59 7e 31 87 2a c9 a8 9d 33 20 24 c9 34 0e 0d 00 7f 77 b4 3e 8f c0 72 ff fc 59 53 d5 73 aa 12 14 69 41 cb f2 fb 9c 91 24 06 62 c2 34 f2 84 9e 3e bc 3b bc 7f 27 00 cf ba fe d0 cd fa ee ee bb f7 6f a7 cb 53 55 Data Ascii: ?j \|O8}wmZNGMo_JS^R]?ua'20dExBb^}[j"L^7?IrRD9K>9&.?_[dZzmM:3". Q:-\9@`$8qUwY~13 $4w>rYSsiA$b4>;'oSU
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 20 53 8a a9 20 fb 37 4b 30 91 93 d0 c8 18 9c 98 28 67 92 34 c0 34 d9 4e 58 a7 6d 90 a8 33 17 12 3b 91 21 51 1f 38 b2 15 56 2c a8 fb 3e 53 b5 2a 6e b2 fc 10 08 64 1d b5 46 8b 55 6e cd 48 76 0d 8e 40 f2 f2 11 e7 1c 1c db 2e cc 87 b4 cb 57 c9 38 fa b8 a2 df f2 53 2a 3d d2 6d 15 64 c6 aa 12 03 05 d5 16 24 60 0b 3d 2f a5 91 48 36 e3 27 bf 14 f0 7c 2a 6b e1 09 72 00 dd 65 5d 71 92 88 9d dc 9c 03 b4 25 47 a5 58 5c e4 07 26 07 0a 4b 56 29 cb 44 ca 99 94 98 ae d2 a0 e9 0c 24 75 d0 a4 31 9a a5 f7 c8 5f d9 80 a7 ce 9f d2 ec 25 29 1b e3 a1 9b e5 0f 7f f1 cb 44 81 98 95 52 70 f1 3c e9 09 e2 ee 6b 2e 6d 31 c3 a1 88 c0 82 f7 96 32 6c c9 4d 55 91 88 7f 93 3a 0f 9b 1e 36 b1 82 cf a4 70 cb 4b f2 ef e4 e9 9a d3 b8 69 ce 83 b2 16 b2 cb 98 f0 18 0a 59 e6 36 81 65 3c 7d 32 25 Data Ascii: S 7K0(g44NXm3;!Q8V,>SndFUnHv@.W8S=md$`=/H6'\|*kre]q%GX\&KV)D$u1_%)DRp<k.m12lMU:6pKiY6e<}2%
2024-04-23 20:28:22 UTC	13312	IN	Data Raw: 93 34 5c 2b c9 75 5c 1b a4 85 ce 39 f8 9b 46 b3 9c 8f 70 9f ac f6 4d df 31 14 47 c0 bc 55 ef 71 03 10 2d 0f f8 a4 ae 20 d3 0e bc 55 62 4b 1b b2 d3 ff f5 dd ef 39 d1 5b 68 3c 84 13 6a 35 f7 61 bc a4 2a 04 2b b7 e5 a6 0a 94 ea 28 2b 5f bc 75 6d 57 4b d3 b3 04 27 e4 74 eb 2c 2c 45 df 4a 02 ea 23 1e 2e e2 33 7d 0e 99 24 b7 24 ee c0 8d 91 94 80 57 38 e9 a2 47 fc 02 4e 8a 71 14 78 93 75 c1 8f 15 91 05 d9 02 f1 6a c6 63 e4 28 0b 47 b2 db ea 86 19 08 d5 1a da 48 72 b6 0d 41 8c de 94 47 95 3b d6 68 e9 0f f1 e6 c9 1a 6e 66 07 57 06 58 d0 16 62 8f 58 e3 fb 9e 0e a0 65 61 25 01 50 9a 93 8f e0 9a 88 92 00 04 5c 6e d5 5c 46 31 75 24 90 ae 3c 84 cf 59 d6 7b ef 24 0e 21 0b 54 b6 ae 62 bc 4b e5 f6 1d 6f c3 e6 11 74 5b b2 c5 d8 d5 cd 85 b5 e0 70 12 15 6c 4a 9e f0 80 45 59 Data Ascii: 4\+u\9FpM1GUq- UbK9[h<j5a*+(+_umWK't,,EJ#.3}$$W8GNqxujc(GHrAG;hnfWXbXea%P\n\F1u$<Y{$!TbKot[plJEY
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 8c cf 1d 11 fc 80 e0 6c c7 d5 2e 9a fc 50 cb 09 d7 80 2c c3 b2 b4 5d c7 d9 9a 98 1a 13 1d ad a3 de 96 40 f7 41 fc 30 db f4 40 ed 8d fb d3 69 fe c3 47 dc 05 81 c0 a7 14 e7 07 b1 e2 e6 54 2b 9e 1d 95 32 79 be c6 ba 34 48 7f 80 ca e1 47 2a 45 ec 1e 10 b5 05 97 2d 0f 95 b2 97 9c 1e b2 79 67 3a e4 e1 59 73 f4 da 6a fa c0 59 72 12 04 a2 67 34 76 24 b3 09 f7 07 81 98 02 32 d6 b6 08 8e 63 29 b7 78 2a 5a af 75 3f fb 94 cb a4 c4 ad 20 b3 1b 69 15 11 70 cf 2a c1 e0 62 3c 27 71 4c a8 28 4b fd 34 dc 6e d7 64 23 a0 14 73 14 31 29 71 2e 92 0d 2e 22 75 dd d4 fd 59 24 92 95 46 0f b1 50 fd 04 1f 25 51 eb 5a d9 b0 5c 3d de a4 b3 78 39 91 8c a7 ac e2 ba 84 cd 65 7c 2f 44 5e 8f 60 59 4c f3 d5 67 9f e3 f2 73 07 b7 ee d1 9b ba c7 db 54 0b f7 b1 b5 bd 55 1b 11 4b f9 72 6c 70 2d Data Ascii: l.P,]@A0@iGT+2y4HGE-yg:YsjYrg4v$2c)xZu? ip*b<'qL(K4nd#s1)q.."uY$FP%QZ\=x9e\|/D^`YLgsTUKrlp-
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: b3 48 03 d5 c1 05 b0 e7 26 b6 c9 e8 8d 46 36 9a 15 8e ba 7b 48 ed b9 9b e2 9e d9 d0 e5 c2 39 2a 94 a6 da 0a ec e0 18 c7 31 45 04 eb f5 51 ec d2 24 58 4b 56 1d ad a1 d0 32 32 72 3b fc e3 0f bf ff 87 df fc ae ef 1d 56 51 4f aa c7 da 3a b0 0b bb 5a f6 d6 70 8f 64 b6 eb 33 ad 6c 17 02 c0 96 26 28 f9 26 2a 3f 51 e8 fb 2e 11 64 f7 39 0d 42 1f 5a c7 d0 01 c8 2b ea 61 49 fa 9b 52 ba 38 52 d0 8a 53 15 47 a3 ae cb 0a ae d3 f3 10 08 24 a5 f6 95 e7 b7 23 15 a4 0c d9 7b d9 5e b1 ea 38 88 e7 e4 61 40 da ed 73 8d a6 de f7 44 0c 62 38 e1 db f2 82 7d bd 91 af 24 70 68 47 d7 eb 70 c1 fd 37 ac 3a 8c 48 2f 45 9f 8a 98 8c 45 12 ee 58 f7 64 e3 2e de 50 23 36 20 99 a6 b0 b3 df 0a fa d8 ce 58 7c 81 72 13 20 fc 0a 5b 00 e0 17 0b 26 03 2f d1 24 da 19 ec 52 36 fb 64 a6 5c 7a f5 72 Data Ascii: H&F6{H91EQ$XKV22r;VQO:Zpd3l&(&?Q.d9BZ+aIR8RSG$#{^8a@sDb8}$phGp7:H/EEXd.P#6 X\|r [&/$R6d\zr

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:22 UTC	1062	OUT	GET /Osler/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.osler.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://www.osler.com/Osler/fonts/font-awesome/css/font-awesome.min.css Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:22 UTC	388	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: application/x-font-woff Content-Length: 65452 Connection: close ETag: "09e76b69f86da1:0" Last-Modified: Thu, 04 Apr 2024 14:52:28 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202822Z-16f7b4795d4d49mrgyqqa182d000000005n0000000001k2d X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:22 UTC	15892	IN	Data Raw: 77 4f 46 46 00 01 00 00 00 00 ff ac 00 0e 00 00 00 01 b6 20 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 46 46 54 4d 00 00 01 44 00 00 00 1c 00 00 00 1c 67 b3 29 9d 47 44 45 46 00 00 01 60 00 00 00 1f 00 00 00 20 02 2d 00 04 4f 53 2f 32 00 00 01 80 00 00 00 3e 00 00 00 60 8b 02 7a 4c 63 6d 61 70 00 00 01 c0 00 00 01 47 00 00 02 b2 d4 93 ac 5c 67 61 73 70 00 00 03 08 00 00 00 08 00 00 00 08 ff ff 00 03 67 6c 79 66 00 00 03 10 00 00 e8 36 00 01 8d bc 4d 52 20 8a 68 65 61 64 00 00 eb 48 00 00 00 31 00 00 00 36 08 66 11 da 68 68 65 61 00 00 eb 7c 00 00 00 1f 00 00 00 24 0f 02 09 db 68 6d 74 78 00 00 eb 9c 00 00 02 47 00 00 07 fc 1c 24 14 7a 6c 6f 63 61 00 00 ed e4 00 00 03 f4 00 00 04 02 01 7f 9d fa 6d 61 78 70 00 00 f1 d8 00 00 00 Data Ascii: wOFF FFTMDg)GDEF` -OS/2>`zLcmapG\gaspglyf6MR headH16fhhea\|$hmtxG$zlocamaxp
2024-04-23 20:28:22 UTC	16384	IN	Data Raw: 04 2b dc 48 e1 e8 a2 44 b1 e0 0f fb 2f 98 eb e9 f3 98 e3 f3 e6 fa 67 cf 0d 04 e6 bd fc ed 25 c7 4b 5c 48 d4 0f 90 f8 f0 15 c7 f8 20 e3 44 7e e2 f8 a7 3b 4b 6c c8 80 c1 ed 71 d6 5a 3c 78 46 c8 1c 6f 68 ed 8d de f2 94 0b dd 50 cd 8c 74 4c 4f 2f 6b 9e d9 7d f7 14 67 6e c9 92 9a e9 c5 7c 2e 57 cd 84 1c 48 5f 71 b8 67 ba c6 81 9c dd a9 b1 d2 f4 8a ec b3 fa c8 82 ac 73 69 4f 2e 74 c7 ce 59 5d 87 b9 aa f1 c9 c2 ce 71 3d 50 85 49 59 c3 65 30 63 24 52 5b 5b f4 d4 c3 4e f6 e5 33 d8 3e 28 46 e3 16 e9 65 21 23 81 7b d0 38 1a 85 a1 f0 bd 48 bb c9 d0 f0 f8 64 50 c3 09 a8 2c 9b db 2f 32 b4 67 30 10 08 cd e8 8a d7 61 22 e0 79 71 8b 07 29 76 97 53 37 f7 02 18 b1 62 21 b1 68 20 85 fa 35 ee 24 7f f1 ca e5 af bc 8c 36 6a 94 4c 7f 5a 1d ee fc f4 cb bb ee 7d 0e a1 6e 12 e4 8f Data Ascii: +HD/g%K\H D~;KlqZ<xFohPtLO/k}gn\|.WH_qgsiO.tY]q=PIYe0c$R[[N3>(Fe!#{8HdP,/2g0a"yq)vS7b!h 5$6jLZ}n
2024-04-23 20:28:23 UTC	16384	IN	Data Raw: 81 b9 e7 a7 53 d5 98 12 90 49 7f ad 14 7f 85 a3 23 c4 14 b6 c4 a5 48 fc 0a 0e 75 e9 48 3f 05 36 ab 15 98 3c 4e cd 7f 72 0e 8c 8b 57 cb 74 2a ad c2 f4 dd 1b e2 d0 f4 aa 7f 55 4d 17 3f 9c fc f1 9d 1f 33 7d 7f aa d2 33 46 e0 55 1f 77 66 81 9e f4 82 91 25 f0 1a c7 06 f9 8b 3f 5d 02 0d bc 42 41 03 7a eb df 16 a7 bf 94 f3 2a 08 e1 0e fa a2 fe fe 03 07 fa fb e1 a1 74 bf e4 fb 29 ac 77 2d ae 77 20 5f 6f f6 a4 f5 06 a3 6a 46 9f b2 1d 7e 40 bd 6f 1b 51 3b e1 a4 ad 90 ab f6 7f 8d 57 6b 71 38 5f 3d e6 c2 31 4d a0 44 f2 d7 0e d4 7f bd 19 6c 34 ac 97 d5 53 9d 18 27 2e 70 8a 57 3c d2 62 40 ff 87 db 70 68 fc 2a 33 ee 42 cb 02 56 f5 93 a4 23 27 c9 86 28 11 4e a4 c8 c6 09 8a 6c a0 df de f1 6a 5d 00 81 ff cf d3 ac 4a d3 5d b6 fe ba 7c fd 47 d7 32 70 8a 57 3f ca 82 72 9a 6d Data Ascii: SI#HuH?6<NrWtUM?3}3FUwf%?]BAzt)w-w _ojF~@oQ;Wkq8_=1MDl4S'.pW<b@ph*3BV#'(Nlj]J]\|G2pW?rm
2024-04-23 20:28:23 UTC	16384	IN	Data Raw: bc 19 30 f2 40 e6 ec ce b1 3d d3 27 3c f9 c7 b4 0e 02 27 cc 6b 22 4a 8a b8 28 2d e2 a6 2d 18 63 42 07 34 3e 36 1e 90 00 df e0 26 b9 04 98 34 ac 0f 51 26 1a 7d da e1 1b e6 45 04 b6 ff 4f 70 02 7f 94 7f ec d9 67 e9 30 0a 7d cd 1f 6d 05 6a b4 78 7d 71 15 68 4b dd c1 bc f6 2c ff 18 50 a4 ee a0 c3 ee 81 d7 0c b9 86 81 d7 dc 6e 3a 8c 02 28 01 2c e6 17 81 d9 1f 78 b7 6c 19 78 0f ec 39 f6 c1 65 c7 8f 1f 9f f4 01 98 cd 2f e2 3f df 02 a0 f7 18 d8 c3 df 90 93 7a 3f cb 94 7a 5f a1 80 6e 53 16 74 67 99 a0 1b 91 f0 ef 9b 86 b0 74 c5 14 bb 06 f5 cb 1e a1 4f 92 9d 46 8f 2b 07 12 a9 cc 10 10 0c b6 b9 d0 a2 4c 40 18 7e ac 5d 31 88 e5 ee 60 c3 e9 9d 47 8c 58 99 d6 5a f3 b8 05 9f 67 e2 c5 3b 3f bd 8b 51 d1 e7 1a 00 64 ef fd 74 d1 44 f9 91 95 53 5a 47 82 c0 a3 77 02 f3 ed e0 Data Ascii: 0@='<'k"J(--cB4>6&4Q&}EOpg0}mjx}qhK,Pn:(,xlx9e/?z?z_nStgtOF+L@~]1`GXZg;?QdtDSZGw
2024-04-23 20:28:23 UTC	408	IN	Data Raw: 4d 81 11 4e 91 99 a6 c6 b5 c5 ef 4f bb 54 d4 9c d0 f3 97 86 74 63 f4 1c 20 aa 38 99 2e a5 65 4b a4 b8 e1 02 1e 98 6e d2 0f f9 6a 9b cd 2c ff b8 31 27 44 52 0b 7b 38 d1 4f 4f 0a 53 73 e8 87 83 4d ff 68 41 ab 3a 22 cf ae 0c 0f cf 73 f5 95 22 93 86 35 d7 8a 6a 0e 7f 6a 8e 74 9c 60 d6 07 9e 1b 2f 4d d0 53 9c 5e a5 d2 26 9a 19 1f 2b 47 95 4d 4e 28 0e 4f 55 b9 a9 71 c3 77 35 de e0 a6 c9 4d 8b 9b 71 6e e4 cf b6 c5 95 85 63 e4 6b b5 42 33 6d 06 b5 6b 3c 64 50 9b 41 6d 06 b5 19 d4 66 50 bb 9d 52 ea 63 12 a1 b1 54 e5 a6 c6 4d 3d da 6d 87 0a 0f 9a dc b4 b8 19 e7 86 41 95 31 6e f8 6b 85 41 15 06 55 ea dc 34 b8 61 44 85 11 15 46 54 62 db 76 1c 8b 7b c6 55 19 57 65 5c 95 71 55 c6 55 19 57 65 5c 95 71 55 d6 54 63 4d 35 46 d4 18 51 63 44 2d 36 6f 51 bc e1 a2 4a dc cb 15 Data Ascii: MNOTtc 8.eKnj,1'DR{8OOSsMhA:"s"5jjt`/MS^&+GMN(OUqw5MqnckB3mk<dPAmfPRcTM=mA1nkAU4aDFTbv{UWe\qUUWe\qUTcM5FQcD-6oQJ

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:22 UTC	1019	OUT	GET /Osler/fonts/celeste/CelesteWeb.woff? HTTP/1.1 Host: www.osler.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Origin: https://www.osler.com sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: font Referer: https://www.osler.com/Osler/css/styles.min.css?v=11.0.4 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: CMSPreferredCulture=en-CA; lang=en-ca; ARRAffinity=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ARRAffinitySameSite=a46222d174c7a4c9d75efbc2f711104d8aca19111fb596d3f24e68bf8f7552fd; ASLBSA=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASLBSACORS=0003a097cf7d2980e237bcf076b1a44d5f982803db454ed49f448e10ec6f1531e70c; ASP.NET_SessionId=wxt4gdhqkvddfgmpog4lnvg3
2024-04-23 20:28:22 UTC	388	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: application/x-font-woff Content-Length: 47896 Connection: close ETag: "09e76b69f86da1:0" Last-Modified: Thu, 04 Apr 2024 14:52:28 GMT X-Frame-Options: SAMEORIGIN X-Powered-By: ASP.NET x-azure-ref: 20240423T202822Z-16f56cb894fsrrwtv9xx2sy9ns000000016g00000000e0hu X-Cache: CONFIG_NOCACHE Accept-Ranges: bytes
2024-04-23 20:28:22 UTC	3738	IN	Data Raw: 77 4f 46 46 00 01 00 00 00 00 bb 18 00 13 00 00 00 01 71 c8 00 07 01 f8 00 00 b9 70 00 00 01 86 00 00 03 aa 00 00 ba f8 00 00 00 20 44 53 49 47 00 00 a8 9c 00 00 10 d2 00 00 19 44 43 2b c2 97 47 50 4f 53 00 00 91 ec 00 00 0e 71 00 00 24 2a a0 fc 6e 38 47 53 55 42 00 00 a0 60 00 00 08 3c 00 00 10 da 0f a4 f9 ad 4c 54 53 48 00 00 06 d0 00 00 00 92 00 00 01 fd c6 74 b0 50 4f 53 2f 32 00 00 02 24 00 00 00 5c 00 00 00 60 82 af 58 a6 63 6d 61 70 00 00 17 fc 00 00 03 e6 00 00 06 2e f6 ac cd 3b 63 76 74 20 00 00 1d 58 00 00 00 22 00 00 00 22 00 e9 07 fa 66 70 67 6d 00 00 1b e4 00 00 01 02 00 00 01 73 06 57 9c 35 67 61 73 70 00 00 91 d8 00 00 00 14 00 00 00 14 00 7c 00 2e 67 6c 79 66 00 00 21 58 00 00 67 ba 00 00 d4 a4 bf 0e 29 f5 68 64 6d 78 00 00 07 64 00 00 10 Data Ascii: wOFFqp DSIGDC+GPOSq$*n8GSUB`<LTSHtPOS/2$\`Xcmap.;cvt X""fpgmsW5gasp\|.glyf!Xg)hdmxd
2024-04-23 20:28:23 UTC	12288	IN	Data Raw: c0 7b 49 2a 74 81 7d 4b 6f 05 43 e8 ba 6e 61 8d 35 c4 a9 e9 1d c4 c6 64 29 c8 8b 5d c7 7a 85 d4 53 a8 50 e2 50 d1 6b 38 6f b0 d1 1a d8 65 c1 1e 51 8e 22 0f 91 54 d7 a0 ca 0e 69 58 f3 7f 1b 65 09 43 a0 ba b1 25 53 aa 4d dc fa 95 6a ab 3a 98 7b f2 f0 59 c1 6e ff e4 00 0b ab aa aa 8a 38 f8 ec b6 2e 68 6f 88 7f ac 27 b8 76 be 66 bf fa 1a 79 cd 22 f4 20 a9 e5 59 62 0c b6 50 41 67 e3 c5 c1 bf 1b ab 9c 04 15 58 5b 61 fa d8 39 07 3f ee 11 fb 95 0e b6 c6 78 cb f3 c7 e8 28 3b a0 16 14 91 32 91 d6 1d 54 73 68 96 f3 92 0d a0 27 38 8a 09 d6 1b a8 ec 2a 67 c7 a6 8e d6 46 22 af 64 17 1a 47 79 b9 eb 94 2b 45 eb 94 a4 3b 1b 3f 61 77 98 61 07 82 4f 4c fe 5a 94 5c f1 8c b6 5c c7 18 2b 55 c5 fb 09 2a 76 80 fd 60 c9 b3 54 61 db b6 37 8c 70 3a a1 d9 05 5e 6a d6 65 29 c8 cb a5 Data Ascii: {It}KoCna5d)]zSPPk8oeQ"TiXeC%SMj:{Yn8.ho'vfy" YbPAgX[a9?x(;2Tsh'8gF"dGy+E;?awaOLZ\\+U*v`Ta7p:^je)
2024-04-23 20:28:23 UTC	16384	IN	Data Raw: 25 61 55 01 7f a1 b8 29 fb 01 46 4a 05 ef 08 68 23 a4 28 1b dd b5 2b 40 87 e6 cc c8 6c a4 6e c9 d6 27 43 72 80 e0 57 c6 b8 36 7f de 87 46 ab 65 f0 27 b3 8e b4 39 9e af b8 74 0a aa 18 ed 1d 07 89 8f e8 b7 e0 bb e0 19 32 87 ad ae 4b 7a 33 b2 5d 9d 3c 03 65 fe e2 3b 4e 2c 45 3b ae d0 26 85 cd 23 01 ef f0 96 6a 65 4b cd 1b 68 2c 5e ea 48 36 22 91 91 94 24 a5 46 22 91 46 d2 01 9e 09 37 77 14 0b db 26 a2 d1 89 6d 85 e2 8e 66 f8 bf a3 d3 65 bf bf 3c 1d 8d 4c 96 7c be d2 24 f1 23 bf 04 be 09 af 47 70 a6 4f b0 2f b3 17 4e a1 23 27 01 75 f0 2f 87 93 57 60 d4 20 18 c9 0e a6 bf e4 16 ea 7e 6b 76 db cc cc b6 ac d5 5f df 98 0f 16 83 1c 6d b4 fb d2 3e f4 bf dd 48 73 c1 22 bc 3e bd e9 c0 6c e9 ea 4b e6 e7 2f b9 ba 34 7b 60 53 fa f8 3b 8a db f7 8f 09 a3 33 d3 d5 50 a8 3a Data Ascii: %aU)FJh#(+@ln'CrW6Fe'9t2Kz3]<e;N,E;&#jeKh,^H6"$F"F7w&mfe<L\|$#GpO/N#'u/W` ~kv_m>Hs">lK/4{`S;3P:
2024-04-23 20:28:23 UTC	15486	IN	Data Raw: 54 4a 69 7b 98 f3 84 32 3e a9 12 8c 4e ba 7d 2c 38 98 29 29 83 09 5f 21 9f 75 0b 95 7c ca e9 f5 78 7d e5 75 55 80 64 f1 26 d1 1b f2 38 1d 9c df e5 8d d5 92 91 aa 22 3b c4 81 14 8e 9b dd 5c 12 09 06 fb fb f2 0e be 16 e1 0a 29 01 f8 fc fd 29 41 59 ea 89 4a 1c f6 42 a1 ee 02 17 42 96 a9 a2 dd cd 12 66 3b 83 55 6c b5 f9 a5 77 bb 94 31 a3 3c 3b c8 2b 35 1f 0f 32 95 2e 13 9d 25 3a 6f 09 b5 ef e7 89 fa 00 1e 38 2d 04 3b 78 8e 91 d4 c3 3a 6f 98 d5 fc bb c7 68 60 0d 07 31 70 d0 02 e5 a0 ae 97 e3 35 b3 06 b4 1c 91 48 33 26 71 28 95 a5 06 0b c3 68 a2 d1 0e a9 35 40 0d 1b 9e ca 4d f9 25 1b 2f c7 fd e1 c1 82 b4 76 3c 52 59 27 c5 6d 72 32 1d 80 56 18 2c 67 65 3e dd 1f 8b 24 cb 3e 21 ec 89 c4 0a 6e 4e f2 82 a7 03 ae 7e 7b 90 75 83 2f da b8 44 3d 3d 31 6d 3b eb 2c 20 73 Data Ascii: TJi{2>N},8))_!u\|x}uUd&8";\))AYJBBf;Ulw1<;+52.%:o8-;x:oh`1p5H3&q(h5@M%/v<RY'mr2V,ge>$>!nN~{u/D==1m;, s

Timestamp	Bytes transferred	Direction	Data
2024-04-23 20:28:22 UTC	555	OUT	GET /scripttemplates/202308.1.0/otBannerSdk.js HTTP/1.1 Host: cdn.cookielaw.org Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.osler.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-04-23 20:28:22 UTC	815	IN	HTTP/1.1 200 OK Date: Tue, 23 Apr 2024 20:28:22 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: close Content-MD5: 2+I2Cj649lHjQKiedh8F2Q== Last-Modified: Wed, 25 Oct 2023 03:55:47 GMT x-ms-request-id: 722cf87a-c01e-0042-458a-2f8003000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding Access-Control-Allow-Origin: * Cache-Control: max-age=86400 CF-Cache-Status: HIT Age: 78972 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff Server: cloudflare CF-RAY: 879099832b906769-ATL
2024-04-23 20:28:22 UTC	554	IN	Data Raw: 37 63 37 30 0d 0a 2f 2a 2a 20 0a 20 2a 20 6f 6e 65 74 72 75 73 74 2d 62 61 6e 6e 65 72 2d 73 64 6b 0a 20 2a 20 76 32 30 32 33 30 38 2e 31 2e 30 0a 20 2a 20 62 79 20 4f 6e 65 54 72 75 73 74 20 4c 4c 43 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 32 30 32 33 20 0a 20 2a 2f 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 4e 3d 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 4e 3d 4f 62 6a 65 63 74 2e 73 65 74 50 72 6f 74 6f 74 79 70 65 4f 66 7c 7c 28 7b 5f 5f 70 72 6f 74 6f 5f 5f 3a 5b 5d 7d 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 3f 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 65 2e 5f 5f 70 72 6f 74 6f 5f 5f 3d 74 7d 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 66 6f 72 28 76 61 72 20 6f 20 69 6e Data Ascii: 7c70/** * onetrust-banner-sdk * v202308.1.0 * by OneTrust LLC * Copyright 2023 */!function(){"use strict";var N=function(e,t){return(N=Object.setPrototypeOf\|\|({__proto__:[]}instanceof Array?function(e,t){e.__proto__=t}:function(e,t){for(var o in
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 6f 74 79 70 65 2c 6e 65 77 20 6f 29 7d 76 61 72 20 48 2c 46 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 28 46 3d 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 7c 7c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 66 6f 72 28 76 61 72 20 74 2c 6f 3d 31 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 6f 3c 6e 3b 6f 2b 2b 29 66 6f 72 28 76 61 72 20 72 20 69 6e 20 74 3d 61 72 67 75 6d 65 6e 74 73 5b 6f 5d 29 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 74 2c 72 29 26 26 28 65 5b 72 5d 3d 74 5b 72 5d 29 3b 72 65 74 75 72 6e 20 65 7d 29 2e 61 70 70 6c 79 28 74 68 69 73 2c 61 72 67 75 6d 65 6e 74 73 29 7d 3b 66 75 6e 63 74 69 6f 6e 20 52 28 65 2c 73 2c 61 2c 6c 29 7b 72 65 74 75 72 6e 20 6e 65 Data Ascii: otype,new o)}var H,F=function(){return(F=Object.assign\|\|function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function R(e,s,a,l){return ne
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 6c 2e 6c 61 62 65 6c 3c 61 5b 32 5d 29 29 7b 61 5b 32 5d 26 26 6c 2e 6f 70 73 2e 70 6f 70 28 29 2c 6c 2e 74 72 79 73 2e 70 6f 70 28 29 3b 63 6f 6e 74 69 6e 75 65 7d 6c 2e 6c 61 62 65 6c 3d 61 5b 32 5d 2c 6c 2e 6f 70 73 2e 70 75 73 68 28 74 29 7d 7d 74 3d 72 2e 63 61 6c 6c 28 6e 2c 6c 29 7d 63 61 74 63 68 28 65 29 7b 74 3d 5b 36 2c 65 5d 2c 73 3d 30 7d 66 69 6e 61 6c 6c 79 7b 69 3d 61 3d 30 7d 69 66 28 35 26 74 5b 30 5d 29 74 68 72 6f 77 20 74 5b 31 5d 3b 72 65 74 75 72 6e 7b 76 61 6c 75 65 3a 74 5b 30 5d 3f 74 5b 31 5d 3a 76 6f 69 64 20 30 2c 64 6f 6e 65 3a 21 30 7d 7d 7d 7d 66 75 6e 63 74 69 6f 6e 20 4d 28 29 7b 66 6f 72 28 76 61 72 20 65 3d 30 2c 74 3d 30 2c 6f 3d 61 72 67 75 6d 65 6e 74 73 2e 6c 65 6e 67 74 68 3b 74 3c 6f 3b 74 2b 2b 29 65 2b 3d 61 72 Data Ascii: l.label<a[2])){a[2]&&l.ops.pop(),l.trys.pop();continue}l.label=a[2],l.ops.push(t)}}t=r.call(n,l)}catch(e){t=[6,e],s=0}finally{i=a=0}if(5&t[0])throw t[1];return{value:t[0]?t[1]:void 0,done:!0}}}}function M(){for(var e=0,t=0,o=arguments.length;t<o;t++)e+=ar
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 63 65 6f 66 20 4b 29 72 65 74 75 72 6e 20 74 2e 5f 73 74 61 74 65 3d 33 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 76 6f 69 64 20 58 28 74 29 3b 69 66 28 22 66 75 6e 63 74 69 6f 6e 22 3d 3d 74 79 70 65 6f 66 20 6f 29 72 65 74 75 72 6e 20 76 6f 69 64 20 24 28 28 6e 3d 6f 2c 72 3d 65 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 6e 2e 61 70 70 6c 79 28 72 2c 61 72 67 75 6d 65 6e 74 73 29 7d 29 2c 74 29 7d 74 2e 5f 73 74 61 74 65 3d 31 2c 74 2e 5f 76 61 6c 75 65 3d 65 2c 58 28 74 29 7d 63 61 74 63 68 28 65 29 7b 59 28 74 2c 65 29 7d 76 61 72 20 6e 2c 72 7d 66 75 6e 63 74 69 6f 6e 20 59 28 65 2c 74 29 7b 65 2e 5f 73 74 61 74 65 3d 32 2c 65 2e 5f 76 61 6c 75 65 3d 74 2c 58 28 65 29 7d 66 75 6e 63 74 69 6f 6e 20 58 28 65 29 7b 32 3d 3d 3d 65 2e 5f 73 74 61 74 65 26 26 30 3d 3d Data Ascii: ceof K)return t._state=3,t._value=e,void X(t);if("function"==typeof o)return void $((n=o,r=e,function(){n.apply(r,arguments)}),t)}t._state=1,t._value=e,X(t)}catch(e){Y(t,e)}var n,r}function Y(e,t){e._state=2,e._value=t,X(e)}function X(e){2===e._state&&0==
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 65 74 75 72 6e 20 76 6f 69 64 20 6e 2e 63 61 6c 6c 28 65 2c 66 75 6e 63 74 69 6f 6e 28 65 29 7b 74 28 6f 2c 65 29 7d 2c 69 29 7d 73 5b 6f 5d 3d 65 2c 30 3d 3d 2d 2d 61 26 26 72 28 73 29 7d 63 61 74 63 68 28 65 29 7b 69 28 65 29 7d 7d 28 65 2c 73 5b 65 5d 29 7d 29 7d 2c 4b 2e 72 65 73 6f 6c 76 65 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 74 26 26 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 74 26 26 74 2e 63 6f 6e 73 74 72 75 63 74 6f 72 3d 3d 3d 4b 3f 74 3a 6e 65 77 20 4b 28 66 75 6e 63 74 69 6f 6e 28 65 29 7b 65 28 74 29 7d 29 7d 2c 4b 2e 72 65 6a 65 63 74 3d 66 75 6e 63 74 69 6f 6e 28 6f 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 4b 28 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 74 28 6f 29 7d 29 7d 2c 4b 2e 72 61 63 65 3d 66 75 6e 63 Data Ascii: eturn void n.call(e,function(e){t(o,e)},i)}s[o]=e,0==--a&&r(s)}catch(e){i(e)}}(e,s[e])})},K.resolve=function(t){return t&&"object"==typeof t&&t.constructor===K?t:new K(function(e){e(t)})},K.reject=function(o){return new K(function(e,t){t(o)})},K.race=func
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 65 3a 21 30 2c 63 6f 6e 66 69 67 75 72 61 62 6c 65 3a 21 30 7d 29 7d 2c 5a 2e 70 72 6f 74 6f 74 79 70 65 2e 69 6e 69 74 45 6e 64 73 57 69 74 68 50 6f 6c 79 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 65 6e 64 73 57 69 74 68 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2c 22 65 6e 64 73 57 69 74 68 22 2c 7b 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 2c 74 29 7b 72 65 74 75 72 6e 28 76 6f 69 64 20 30 3d 3d 3d 74 7c 7c 74 3e 74 68 69 73 2e 6c 65 6e 67 74 68 29 26 26 28 74 3d 74 68 69 73 2e 6c 65 6e 67 74 68 29 2c 74 68 69 73 2e 73 75 62 73 74 72 69 6e 67 28 74 2d 65 2e 6c 65 6e 67 74 68 2c 74 29 3d 3d 3d 65 7d 2c 77 72 69 74 61 62 6c 65 Data Ascii: e:!0,configurable:!0})},Z.prototype.initEndsWithPoly=function(){String.prototype.endsWith\|\|Object.defineProperty(String.prototype,"endsWith",{value:function(e,t){return(void 0===t\|\|t>this.length)&&(t=this.length),this.substring(t-e.length,t)===e},writable
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 2e 69 6e 69 74 41 72 72 61 79 46 69 6c 6c 50 6f 6c 79 66 69 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2e 66 69 6c 6c 7c 7c 4f 62 6a 65 63 74 2e 64 65 66 69 6e 65 50 72 6f 70 65 72 74 79 28 41 72 72 61 79 2e 70 72 6f 74 6f 74 79 70 65 2c 22 66 69 6c 6c 22 2c 7b 76 61 6c 75 65 3a 66 75 6e 63 74 69 6f 6e 28 65 29 7b 69 66 28 6e 75 6c 6c 3d 3d 74 68 69 73 29 74 68 72 6f 77 20 6e 65 77 20 54 79 70 65 45 72 72 6f 72 28 22 74 68 69 73 20 69 73 20 6e 75 6c 6c 20 6f 72 20 6e 6f 74 20 64 65 66 69 6e 65 64 22 29 3b 66 6f 72 28 76 61 72 20 74 3d 4f 62 6a 65 63 74 28 74 68 69 73 29 2c 6f 3d 74 2e 6c 65 6e 67 74 68 3e 3e 3e 30 2c 6e 3d 61 72 67 75 6d 65 6e 74 73 5b 31 5d 3e 3e 30 2c 72 3d 6e 3c 30 3f 4d 61 74 68 2e 6d 61 78 Data Ascii: .initArrayFillPolyfill=function(){Array.prototype.fill\|\|Object.defineProperty(Array.prototype,"fill",{value:function(e){if(null==this)throw new TypeError("this is null or not defined");for(var t=Object(this),o=t.length>>>0,n=arguments[1]>>0,r=n<0?Math.max
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 65 5b 65 2e 43 6f 6e 74 69 6e 75 65 57 69 74 68 6f 75 74 41 63 63 65 70 74 69 6e 67 42 75 74 74 6f 6e 3d 36 5d 3d 22 43 6f 6e 74 69 6e 75 65 57 69 74 68 6f 75 74 41 63 63 65 70 74 69 6e 67 42 75 74 74 6f 6e 22 2c 28 65 3d 74 65 3d 74 65 7c 7c 7b 7d 29 5b 65 2e 42 61 6e 6e 65 72 3d 31 5d 3d 22 42 61 6e 6e 65 72 22 2c 65 5b 65 2e 50 43 3d 32 5d 3d 22 50 43 22 2c 65 5b 65 2e 41 50 49 3d 33 5d 3d 22 41 50 49 22 2c 28 65 3d 6f 65 3d 6f 65 7c 7c 7b 7d 29 2e 41 63 63 65 70 74 41 6c 6c 3d 22 41 63 63 65 70 74 41 6c 6c 22 2c 65 2e 52 65 6a 65 63 74 41 6c 6c 3d 22 52 65 6a 65 63 74 41 6c 6c 22 2c 65 2e 55 70 64 61 74 65 43 6f 6e 73 65 6e 74 3d 22 55 70 64 61 74 65 43 6f 6e 73 65 6e 74 22 2c 28 65 3d 6e 65 3d 6e 65 7c 7c 7b 7d 29 5b 65 2e 50 75 72 70 6f 73 65 3d 31 Data Ascii: e[e.ContinueWithoutAcceptingButton=6]="ContinueWithoutAcceptingButton",(e=te=te\|\|{})[e.Banner=1]="Banner",e[e.PC=2]="PC",e[e.API=3]="API",(e=oe=oe\|\|{}).AcceptAll="AcceptAll",e.RejectAll="RejectAll",e.UpdateConsent="UpdateConsent",(e=ne=ne\|\|{})[e.Purpose=1
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 5b 22 50 72 65 66 65 72 65 6e 63 65 20 43 65 6e 74 65 72 20 2d 20 43 6f 6e 66 69 72 6d 22 5d 3d 36 5d 3d 22 50 72 65 66 65 72 65 6e 63 65 20 43 65 6e 74 65 72 20 2d 20 43 6f 6e 66 69 72 6d 22 2c 65 5b 65 5b 22 47 50 43 20 76 61 6c 75 65 20 63 68 61 6e 67 65 64 22 5d 3d 37 5d 3d 22 47 50 43 20 76 61 6c 75 65 20 63 68 61 6e 67 65 64 22 2c 28 65 3d 68 65 3d 68 65 7c 7c 7b 7d 29 2e 41 63 74 69 76 65 3d 22 31 22 2c 65 2e 49 6e 41 63 74 69 76 65 3d 22 30 22 2c 28 65 3d 43 65 3d 43 65 7c 7c 7b 7d 29 2e 48 6f 73 74 3d 22 48 6f 73 74 22 2c 65 2e 47 65 6e 56 65 6e 64 6f 72 3d 22 47 65 6e 56 65 6e 22 2c 28 65 3d 79 65 3d 79 65 7c 7c 7b 7d 29 5b 65 2e 48 6f 73 74 3d 31 5d 3d 22 48 6f 73 74 22 2c 65 5b 65 2e 47 65 6e 56 65 6e 3d 32 5d 3d 22 47 65 6e 56 65 6e 22 2c 65 Data Ascii: ["Preference Center - Confirm"]=6]="Preference Center - Confirm",e[e["GPC value changed"]=7]="GPC value changed",(e=he=he\|\|{}).Active="1",e.InActive="0",(e=Ce=Ce\|\|{}).Host="Host",e.GenVendor="GenVen",(e=ye=ye\|\|{})[e.Host=1]="Host",e[e.GenVen=2]="GenVen",e
2024-04-23 20:28:22 UTC	1369	IN	Data Raw: 65 67 61 6c 42 61 73 69 73 22 2c 28 65 3d 5f 65 3d 5f 65 7c 7c 7b 7d 29 2e 63 6f 6f 6b 69 65 73 3d 22 63 6f 6f 6b 69 65 73 22 2c 65 2e 76 65 6e 64 6f 72 73 3d 22 76 65 6e 64 6f 72 73 22 2c 28 65 3d 45 65 3d 45 65 7c 7c 7b 7d 29 2e 47 44 50 52 3d 22 47 44 50 52 22 2c 65 2e 49 41 42 3d 22 49 41 42 22 2c 65 2e 43 43 50 41 3d 22 43 43 50 41 22 2c 65 2e 49 41 42 32 3d 22 49 41 42 32 22 2c 65 2e 49 41 42 32 56 32 3d 22 49 41 42 32 56 32 22 2c 65 2e 47 45 4e 45 52 49 43 3d 22 47 45 4e 45 52 49 43 22 2c 65 2e 4c 47 50 44 3d 22 4c 47 50 44 22 2c 65 2e 47 45 4e 45 52 49 43 5f 50 52 4f 4d 50 54 3d 22 47 45 4e 45 52 49 43 5f 50 52 4f 4d 50 54 22 2c 65 2e 43 50 52 41 3d 22 43 50 52 41 22 2c 65 2e 43 44 50 41 3d 22 43 44 50 41 22 2c 65 2e 55 53 4e 41 54 49 4f 4e 41 4c Data Ascii: egalBasis",(e=_e=_e\|\|{}).cookies="cookies",e.vendors="vendors",(e=Ee=Ee\|\|{}).GDPR="GDPR",e.IAB="IAB",e.CCPA="CCPA",e.IAB2="IAB2",e.IAB2V2="IAB2V2",e.GENERIC="GENERIC",e.LGPD="LGPD",e.GENERIC_PROMPT="GENERIC_PROMPT",e.CPRA="CPRA",e.CDPA="CDPA",e.USNATIONAL