Tests whether browser-generated telemetry reports can reach external endpoints. Unlike JS-initiated requests, these POSTs are sent by browser internals (CSP enforcement engine, Reporting API, NEL subsystem) and may follow a different code path through the network stack. All report endpoints point to https://httpbin.org/post which is a non-whitelisted external destination. Any delivery = filter bypass. The CORS oracle to the same domain confirms whether the domain is reachable at all (validates the oracle itself is meaningful).