urlscan.io logo urlscan.io
SecurityTrails logo

authentication.td.com Open in urlscan Pro
184.51.148.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA...
Effective URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Submission: On August 04 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 1 countries across 11 domains to perform 95 HTTP transactions. The main IP is 184.51.148.153, located in Secaucus, United States and belongs to AKAMAI-ASN1, NL. The main domain is authentication.td.com. The Cisco Umbrella rank of the primary domain is 93768.
TLS certificate: Issued by Entrust Certification Authority - L1M on December 28th 2022. Valid for: a year.
This is the only time authentication.td.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    199.83.128.144 (United States)

ASN19551 (INCAPSULA, US)
PTR: 199.83.128.144.ip.incapdns.net
etransfer.interac.ca
1    172.217.13.104 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f8.1e100.net
www.googletagmanager.com
32    192.225.158.252 (United States)

ASN30286 (THM, US)
content.etransfer.interac.ca
4    142.251.40.206 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f14.1e100.net
www.google-analytics.com
3    142.250.81.230 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net
4168148.fls.doubleclick.net
1    172.253.115.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f155.1e100.net
stats.g.doubleclick.net
1    142.251.35.162 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
adservice.google.com
1    142.250.80.98 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
adservice.google.ca
4    192.225.158.1 (United States)

ASN30286 (THM, US)
PTR: a-sac.h.online-metrix.net
h.online-metrix.net
2    192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net
bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtc01200eb9065595dsac.d.aa.online-metrix.net
bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtb78b963d89edb0aesac.d.aa.online-metrix.net
4    142.251.40.98 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
www.googleadservices.com
3    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
googleads.g.doubleclick.net
3    142.251.40.164 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net
www.google.com
3    172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net
www.google.ca
3    184.51.148.170 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-148-170.deploy.static.akamaitechnologies.com
easyweb.td.com
28    184.51.148.153 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-148-153.deploy.static.akamaitechnologies.com
authentication.td.com
authorization.td.com
2    152.199.0.237 (None, )

ASN- ()
www.wcmcaas.td.com
1    151.101.65.108 (None, )

ASN- ()
acdn.adnxs.com
1    18.164.116.120 (None, )

ASN- ()
nexus.ensighten.com
1    13.225.214.96 (None, )

ASN- ()
bcdn.td.com
Apex Domain
Subdomains		 Transfer
36 interac.ca
etransfer.interac.ca — Cisco Umbrella Rank: 205248
content.etransfer.interac.ca — Cisco Umbrella Rank: 232955
296 KB
34 td.com
easyweb.td.com — Cisco Umbrella Rank: 146754
authentication.td.com — Cisco Umbrella Rank: 93768
authorization.td.com — Cisco Umbrella Rank: 446150
www.wcmcaas.td.com
bcdn.td.com
tmx.td.com Failed
1 MB
7 doubleclick.net
4168148.fls.doubleclick.net — Cisco Umbrella Rank: 294593
stats.g.doubleclick.net — Cisco Umbrella Rank: 115
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
5 KB
6 online-metrix.net
h.online-metrix.net — Cisco Umbrella Rank: 2932
bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtc01200eb9065595dsac.d.aa.online-metrix.net
bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtb78b963d89edb0aesac.d.aa.online-metrix.net
32 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 166
24 KB
4 google.ca
adservice.google.ca — Cisco Umbrella Rank: 19700
www.google.ca — Cisco Umbrella Rank: 8480
1 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 3
4 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 55
22 KB
1 ensighten.com
nexus.ensighten.com
108 KB
1 adnxs.com
acdn.adnxs.com
ib.adnxs.com Failed
34 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
85 KB
95 11
Domain Requested by
32 content.etransfer.interac.ca etransfer.interac.ca
content.etransfer.interac.ca
26 authentication.td.com 2 redirects easyweb.td.com
authentication.td.com
4 www.googleadservices.com 4168148.fls.doubleclick.net
www.googleadservices.com
4 h.online-metrix.net content.etransfer.interac.ca
etransfer.interac.ca
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 etransfer.interac.ca etransfer.interac.ca
3 easyweb.td.com etransfer.interac.ca
easyweb.td.com
3 www.google.ca 4168148.fls.doubleclick.net
3 www.google.com 3 redirects
3 googleads.g.doubleclick.net 3 redirects
3 4168148.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
2 www.wcmcaas.td.com authentication.td.com
2 authorization.td.com easyweb.td.com
authorization.td.com
1 bcdn.td.com authentication.td.com
1 nexus.ensighten.com authentication.td.com
1 acdn.adnxs.com authentication.td.com
1 bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtb78b963d89edb0aesac.d.aa.online-metrix.net etransfer.interac.ca
1 bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtc01200eb9065595dsac.d.aa.online-metrix.net etransfer.interac.ca
1 adservice.google.ca 1 redirects
1 adservice.google.com 4168148.fls.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com etransfer.interac.ca
0 ib.adnxs.com Failed authentication.td.com
0 tmx.td.com Failed authentication.td.com
95 24

This site contains no links.

Subject Issuer Validity Valid
etransfer.interac.ca
Thawte RSA CA 2018		 2023-02-21 -
2024-03-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
content.etransfer.interac.ca
Thawte RSA CA 2018		 2023-02-13 -
2024-03-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2023-01-09 -
2024-01-23		 a year crt.sh
*.d.aa.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2023-03-03 -
2024-03-04		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
easyweb.td.com
Entrust Certification Authority - L1M		 2022-10-12 -
2023-10-12		 a year crt.sh
authentication.td.com
Entrust Certification Authority - L1M		 2022-12-28 -
2023-12-28		 a year crt.sh
www.wcmcaas.td.com
Entrust Certification Authority - L1M		 2022-12-30 -
2024-01-25		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-07 -
2023-10-14		 a year crt.sh
bcdn.td.com
Entrust Certification Authority - L1K		 2023-04-14 -
2024-05-14		 a year crt.sh

This page contains 17 frames:

Primary Page: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Frame ID: F6FE3F91B06A1CA7E5082463D446D685
Requests: 43 HTTP requests in this frame

Frame: https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Frame ID: 89948E3AA0868604B2DF18E43C7FF0D0
Requests: 10 HTTP requests in this frame

Frame: https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Frame ID: F1B52A06D8E15143024C079492DCE0C9
Requests: 10 HTTP requests in this frame

Frame: https://4168148.fls.doubleclick.net/activityi;dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Frame ID: 4F49D5DD539D3C148261F85AD8185DEA
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Frame ID: 3FD77E67B47337DBDB5D2633E593136E
Requests: 1 HTTP requests in this frame

Frame: https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Frame ID: C7C78317672FDFAB26F4D495BC3F433E
Requests: 8 HTTP requests in this frame

Frame: https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=c01200eb9065595d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 19B66DCE0FCA7B05E26D1CCEF071C29F
Requests: 3 HTTP requests in this frame

Frame: https://content.etransfer.interac.ca/fp/ls_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Frame ID: 700C5CF1A6E78B7F097F0E605D217FCE
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Frame ID: AEDED2F5BA98B00562BC0E05A737F40C
Requests: 2 HTTP requests in this frame

Frame: https://content.etransfer.interac.ca/fp/top_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Frame ID: 5899F34C7A452AA3745DDD2D081B67E3
Requests: 2 HTTP requests in this frame

Frame: https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=b78b963d89edb0ae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 0188777C300D1F04D97AC1AB304AA158
Requests: 3 HTTP requests in this frame

Frame: https://content.etransfer.interac.ca/fp/ls_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Frame ID: D92EB0358FFD134EEB9CE61F8BDA1075
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Frame ID: 7447561DBAAA49C5A17113B67ECE80E6
Requests: 2 HTTP requests in this frame

Frame: https://content.etransfer.interac.ca/fp/top_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Frame ID: D53752CA33473C28382AB0FCAAD95A70
Requests: 2 HTTP requests in this frame

Frame: https://easyweb.td.com/waw/ezw/servlet/ca.tdbank.banking.servlet.DefaultServlet?referer=main&RID=CAJTJKeA
Frame ID: B128AD98E9115343C2C2BA88735601B3
Requests: 1 HTTP requests in this frame

Frame: https://easyweb.td.com/waw/ezw/blank.jsp
Frame ID: AF7989C526482B43B51A9718BFA0BB8C
Requests: 1 HTTP requests in this frame

Frame: https://authentication.td.com/uap-ui/login-initializer?ec=undefined&lang=en_CA&consumer=easyweb
Frame ID: B99D031498EBBE10A5B58BE3F2F43DD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EasyWeb Login

Page URL History Show full URLs

  1. https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B... Page URL
  2. https://easyweb.td.com/waw/ezw/main.jsp?RID=CAJTJKeA Page URL
  3. https://authorization.td.com/as/authorization.oauth2?response_type=code%20id_token&client_id=11f15756-c10... Page URL
  4. https://authentication.td.com/uap-ui/initiate-sso HTTP 302
    https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA HTTP 302
    https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

95
Requests

94 %
HTTPS

0 %
IPv6

11
Domains

24
Subdomains

18
IPs

1
Countries

1759 kB
Transfer

6312 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en Page URL
  2. https://easyweb.td.com/waw/ezw/main.jsp?RID=CAJTJKeA Page URL
  3. https://authorization.td.com/as/authorization.oauth2?response_type=code%20id_token&client_id=11f15756-c106-4329-a7d8-053d348e8ca6&pfidpadapterid=uapdapter&scope=alev.altr.alev.w%20apay.bpapi.edd.r%20bt.bto.bt.w%20cca.crdsv.cca.r%20cca.crdsv.cca.w%20cca.tdc.cca.r%20cca.tdcbc.cca.r%20ce.oscce.ce.r%20ce.oscce.ce.w%20co.bto.co.r%20ctev.smsg.ctev.r%20debit.acs.debcrd.r%20docg.oscdd.docg.w%20docm.dom.docom.w%20docm.fn.repo.r%20docm.fn.repo.w%20enr.papi.enr.r%20enr.papi.enr.w%20enr.tdw.prdc.r%20enr.tdw.prdc.w%20ffc.woe.ff.r%20ffc.woe.ff.w%20ffc.woe.ffdoc.r%20frds.frd.frds.w%20ft.das.fts.r%20ft.elgty.ft.r%20ft.papi.ft.r%20ft.papi.ft.w%20ftq.papi.ftq.w%20inva.rpm.inva.r%20inva.wft.inva.r%20invp.wdsm.invp.r%20invp.wdsm.mktq.r%20km.kms.ce.w%20la.tdc.lag.r%20la.tdc.lag.rre.w%20lu.papi.lu.r%20mtag.mtg.mtag.r%20mtag.mtg.mtag.w%20notf.papi.ft.r%20notf.papi.ft.w%20prts.capa.prts.r%20prts.capd.prts.r%20prts.cif.prts.r%20prts.cif.prts.w%20prts.elgty.prts.r%20prts.radar.prts.r%20prts.radar.prts.w%20serreqs.ctssd.iss.w%20stmt.sdapi.estmt.r%20stmt.sdapi.estmt.w%20to.rpm.to.r%20vlet.dcc.vlet.w&nonce=8dd1b62f-5068-48be-8572-115129f3ef02&redirect_uri=https://easyweb.td.com/waw/ezw/initialize.jsp?RID=CAJTJKeA&state=EASYWEB Page URL
  4. https://authentication.td.com/uap-ui/initiate-sso HTTP 302
    https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA HTTP 302
    https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://4168148.fls.doubleclick.net/activityi;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den HTTP 302
  • https://4168148.fls.doubleclick.net/activityi;dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Request Chain 17
  • https://adservice.google.ca/ddm/fls/i/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den HTTP 302
  • https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Request Chain 44
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=353672883&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5kXNZOftJNmToPMPx4eu2As&sscte=1&crd=&pscrd=IhMI5_jnvtPDgAMV2QloCB3Hgwu7 HTTP 302
  • https://www.google.com/pagead/1p-conversion/981124174/?random=353672883&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5_jnvtPDgAMV2QloCB3Hgwu7&is_vtc=1&ocp_id=5kXNZOftJNmToPMPx4eu2As&cid=CAQSKQBpAlJWwt6eN_14-bjL1xhCtV9yT3RtGlV5PY1i7Hl2PPgXyK0tFJ1X&random=3551458289&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/981124174/?random=353672883&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5_jnvtPDgAMV2QloCB3Hgwu7&is_vtc=1&ocp_id=5kXNZOftJNmToPMPx4eu2As&cid=CAQSKQBpAlJWwt6eN_14-bjL1xhCtV9yT3RtGlV5PY1i7Hl2PPgXyK0tFJ1X&random=3551458289&resp=GooglemKTybQhCsO&ipr=y
Request Chain 45
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=1137575108&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5kXNZOerKfKdoPMPv9CimAY&sscte=1&crd=&pscrd=IhMI57bsvtPDgAMV8g5oCB0_qAhj HTTP 302
  • https://www.google.com/pagead/1p-conversion/954740125/?random=1137575108&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI57bsvtPDgAMV8g5oCB0_qAhj&is_vtc=1&ocp_id=5kXNZOerKfKdoPMPv9CimAY&cid=CAQSKQBpAlJWwFwauedC_6STegZC5DMtkv71Tqh8tGoa2egBmkN_DhLqUPA3&random=3435824971&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/954740125/?random=1137575108&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI57bsvtPDgAMV8g5oCB0_qAhj&is_vtc=1&ocp_id=5kXNZOerKfKdoPMPv9CimAY&cid=CAQSKQBpAlJWwFwauedC_6STegZC5DMtkv71Tqh8tGoa2egBmkN_DhLqUPA3&random=3435824971&resp=GooglemKTybQhCsO&ipr=y
Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=979433869&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5kXNZN3kKbWHoPMP-uu0wAc&sscte=1&crd=&pscrd=IhMI3e_svtPDgAMVtQNoCB36NQ14 HTTP 302
  • https://www.google.com/pagead/1p-conversion/979606057/?random=979433869&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI3e_svtPDgAMVtQNoCB36NQ14&is_vtc=1&ocp_id=5kXNZN3kKbWHoPMP-uu0wAc&cid=CAQSKQBpAlJWs0xuF6qZ24NeRea0B9F7D_uMLeSbIrIhKstVM8cz_MYf2XtC&random=1476936557&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.ca/pagead/1p-conversion/979606057/?random=979433869&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI3e_svtPDgAMVtQNoCB36NQ14&is_vtc=1&ocp_id=5kXNZN3kKbWHoPMP-uu0wAc&cid=CAQSKQBpAlJWs0xuF6qZ24NeRea0B9F7D_uMLeSbIrIhKstVM8cz_MYf2XtC&random=1476936557&resp=GooglemKTybQhCsO&ipr=y

95 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
redirectFromShortcutToFi.do
etransfer.interac.ca/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.83.128.144 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
199.83.128.144.ip.incapdns.net
Software
Apache-Coyote/1.1 / JSP/2.2
Resource Hash
3a74d888d8047dc3ec33a7fecbae578ad225d55d079f68f8b5aec3999263af40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-language
en
content-type
text/html;charset=UTF-8
date
Fri, 04 Aug 2023 18:39:32 GMT
server
Apache-Coyote/1.1
x-cdn
Imperva
x-iinfo
5-24178840-24178846 NNYN CT(26 32 0) RT(1691174372139 37) q(0 0 1 1) r(2 2) U12
x-powered-by
JSP/2.2
vendorJS.js
etransfer.interac.ca/gzip_5a5877ca34034008d7f643254180fd0e/gateway/ 		155 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://etransfer.interac.ca/gzip_5a5877ca34034008d7f643254180fd0e/gateway/vendorJS.js
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.83.128.144 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
199.83.128.144.ip.incapdns.net
Software
/
Resource Hash
a3ee664b3de72360fba0c99ad23ab06aa48a477a4735f01c48ba1ff62d0f77f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 18:39:32 GMT
content-encoding
gzip
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
x-cdn
Imperva
etag
2740050219
content-type
text/javascript;charset=UTF-8
x-iinfo
5-24178840-0 0CNN RT(1691174372139 246) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=314298544, public
content-length
51093
expires
Wed, 20 Jul 2033 11:48:36 GMT
gatewayInitJS.js
etransfer.interac.ca/gzip_e3f8682a0138743a00ae4205532233e3/gateway/ 		1 KB
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://etransfer.interac.ca/gzip_e3f8682a0138743a00ae4205532233e3/gateway/gatewayInitJS.js
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.83.128.144 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
199.83.128.144.ip.incapdns.net
Software
/
Resource Hash
d1edfc0790366f7ad281548a12707239fe8d54f5e5ec09e08471fc7f1e4faf65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 18:39:32 GMT
content-encoding
gzip
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
x-cdn
Imperva
etag
2740050219
content-type
text/javascript;charset=UTF-8
x-iinfo
5-24178840-0 0CNN RT(1691174372139 249) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=314298543, public
content-length
581
expires
Wed, 20 Jul 2033 11:48:35 GMT
TMHeader.js
etransfer.interac.ca/gzip_d41d8cd98f00b204e9800998ecf8427e/gateway/ 		0
111 B 		Script
General
Check archive.org
Download Go to
Full URL
https://etransfer.interac.ca/gzip_d41d8cd98f00b204e9800998ecf8427e/gateway/TMHeader.js
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.83.128.144 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
199.83.128.144.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 18:39:32 GMT
content-encoding
gzip
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
x-cdn
Imperva
etag
2740050219
content-type
text/javascript;charset=UTF-8
x-iinfo
5-24178840-0 0CNN RT(1691174372139 253) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=314298543, public
content-length
20
expires
Wed, 20 Jul 2033 11:48:35 GMT
gtm.js
www.googletagmanager.com/ 		240 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SR238
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
69285b92666d771f3ad19cd7cd53fbb19aab38854847350772b1837a4a2e523c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://etransfer.interac.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 18:39:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86679
x-xss-protection
0
last-modified
Fri, 04 Aug 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 04 Aug 2023 18:39:33 GMT
tags
content.etransfer.interac.ca/ Frame 8994 		785 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
0f00822f9ece9b35119961e49841737b03773f49cb47f4c993058adbde334a41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://etransfer.interac.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Length
386
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
P3P
CP=IVAa PSAa
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
tags
content.etransfer.interac.ca/ Frame F1B5 		785 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
872c51c692ea100c30d2dedef5de15cb7c8ffb721f754c9a1b5916c428320ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://etransfer.interac.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Length
387
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
P3P
CP=IVAa PSAa
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.206 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://etransfer.interac.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 04 Aug 2023 18:27:56 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
697
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 04 Aug 2023 20:27:56 GMT
activityi;dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~or...
4168148.fls.doubleclick.net/ Frame 4F49
Redirect Chain
  • https://4168148.fls.doubleclick.net/activityi;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~...
  • https://4168148.fls.doubleclick.net/activityi;dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb...
689 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4168148.fls.doubleclick.net/activityi;dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR238
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.230 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
cafe /
Resource Hash
6df3a2c90c981cfdc1129c817eb96adc550c60d6e9dff4eb4bd3ef0e7096be59
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://etransfer.interac.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
403
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 18:39:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 18:39:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4168148.fls.doubleclick.net/activityi;dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
clear.png
content.etransfer.interac.ca/fp/ Frame 8994 		81 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&ck=0&m=2
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:33 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js;CIS3SID=65106E7214497A0A8B8078FE87164431
content.etransfer.interac.ca/fp/ Frame 8994 		301 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
f70c47358b2aad72ecc69e8f7769194ac5ed8c91eec8796e38fd5a7049547710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:33 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
c01200eb9065595d
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.etransfer.interac.ca/fp/ Frame F1B5 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&ck=0&m=2
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:33 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC
content.etransfer.interac.ca/fp/ Frame F1B5 		301 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
8d033583fc508bbfe6c204fda7dcc5af0a7d6ec1631c79892537fdc467d5f66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:33 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
b78b963d89edb0ae
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=98
Expires
Thu, 01 Jan 1970 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.206 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://etransfer.interac.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 17:47:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 04 Aug 2023 18:47:37 GMT
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=771346087&t=pageview&_s=1&dl=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAjAAAAAC~&jid=1260033048&gjid=757816870&cid=1713678056.1691174373&tid=UA-53324311-1&_gid=408841491.1691174373&_slc=1&gtm=45He3820n715SR238&z=706103746
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.206 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://etransfer.interac.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://etransfer.interac.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-53324311-1&cid=1713678056.1691174373&jid=1260033048&gjid=757816870&_gid=408841491.1691174373&_u=aGBAgAAjAAAAAG~&z=2027036733
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://etransfer.interac.ca/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 04 Aug 2023 18:39:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://etransfer.interac.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
adservice.google.com/ddm/fls/i/ Frame 3FD7 		688 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Requested by
Host: 4168148.fls.doubleclick.net
URL: https://4168148.fls.doubleclick.net/activityi;dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
36cc118457cfdcf705f839079076fd82417a50940c786464c2f6550ff430a389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4168148.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 18:39:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
4168148.fls.doubleclick.net/ddm/fls/r/ Frame C7C7
Redirect Chain
  • https://adservice.google.ca/ddm/fls/i/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;...
  • https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb...
2 KB
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.230 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
cafe /
Resource Hash
0c101aa68ad229c333c5b47a0d7498f7c642e133349b19d7895026d93afbb049
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 18:39:33 GMT
expires
Fri, 04 Aug 2023 18:39:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 04 Aug 2023 18:39:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
HP
content.etransfer.interac.ca/fp/ Frame 19B6 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=c01200eb9065595d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
79348fc78322847c4ea974326e8fe6ac72708c82eccdbb8eb52f525ef2e4b2ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Length
5801
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=97
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
clear.png
content.etransfer.interac.ca/fp/ Frame 8994 		81 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, bzmgl3t1/c01200eb9065595d9f5d0486-2f68-4a3b-b831-64f62eee19f8
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:33 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 04 Aug 2023 18:39:33 GMT
Server
Apache
Etag
549da85a607a421d9a95b999997820ea
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
81
Expires
Wed, 02 Aug 2028 18:39:33 GMT
ls_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431
content.etransfer.interac.ca/fp/ Frame 700C 		90 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/ls_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
aa8f02bc2135c52abc9c9f37faa64d38a02f802dbd97f62fbb3d43b99679caef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=96
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
content.etransfer.interac.ca/fp/ Frame 8994 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&jb=3b34266c73613532383067673938346335326a366a6464696136633a37636265633d336c6d3130
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:33 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431
h.online-metrix.net/fp/ Frame AEDE 		103 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
00f5f13f6f204b290b0577edf43e112dc301cf57b1e025fbabddf96950f6bb3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
top_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431
content.etransfer.interac.ca/fp/ Frame 5899 		89 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/top_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
c8e0f3a4b4db79e949af5d5d767c83b1d8167a92dcd40f095ed6e09d75f5eddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
content.etransfer.interac.ca/fp/ Frame 8994 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&ja=393a383426266b3f3824783f382e663d3334383270333238322663643f3136303070333a383226737879353270322466787a3d312e333e32382e313a32302e333430302c313a323824322c302c313e32382e333038382c302e322e6f7c3f61303a32636061646337376c666e6c64396561383c33393635323e6a396135632e6f663f342e7163663f3034266c68356a7c7c72732533412d304e2730446b676e74676c7c2c6d7672696c736467702e696e746d70696b2c636125324e76696571273b4e6f72655d61662d31446a786d656e31743125323e716d7b71696f6e5f61662d31463b6e3d6430363a3e2f3a6436302f346331602d623833392f3e3c64363265656d3331643a2478643d332472603f3f3a663a3a616334606366626539333b6a35333837616d326c3160666a3a6434246a603f3a3763383b61353661656565633961303a61663264323c643b3361306a6d303024687b6d35556966666f757127323031302e687b6a3f4368726f65672d303233393d266a716d7d3f5f6b6e6c6d777124687362753d4b6a7a676f65266e686b3f3c246c66653538266c6f7c723532267c78643f4776632532465d6c63666d776e266d697660703f363838336433613a606d61303a6736616137363030383a636c3937353430316e663c373a3a393c3164346769633a36646b3b3463646064373233393139313461266472356a7c7672712d3b412530442d304e67747a636e716467722e696e7c677a69612e6361253a442e723f72647d67696c5d6e6e6971682d374564636e7365217064776f616c5f77696e6c6d7f715d6f6d6c69615d7264637167722d374564636e7365217064776f616c5f61646f6a6757636170676a617427374d64696e736d23706e7765696e5f717d6b6b6376696d65253d476e636e716d29706c7765616c57716867616b756374652535456e63647b6721706c756f6b665d70676964706c637b6d702d37456e636c716723706c7567616c577e6e635f706c697b6d7027374d6e616c71672972647767616c5f666774616c76722d374d6e636c736521786e7d656b6c577b76675d7461677f67722d374564636e7365217064776f616c5f6a617669273d476463647b6526656e57613575656a656c556760474c253238332638273230284f786766454e273a384553273038302632253a32436a706d6d69756d21556d6a454c2532304f4e5b4e2730384d53253032392c382732382a4f72676c474c253238475b2d3030474c5344273a3247512d3a30312c322d303841687a6d6d6b776f29576562436b7c5f67624b69742d30385567604f44414e454e4d5d616c737c636e6167665f617272697b7b2d31422532304d5a5c5d606e6d66645f6f6b666f697a253b402530324758545f63676e677a5d627566666d70576a636e6e57666c6d637c273b40253a32455a565d666c6f617c5d6a64676e6425334a273a32475a5c576672636557666d727460273340273030455854577160696665725f746d7a7c77706757646f6427314a273a324550565f76677a74757265576167657272657373616d665d60727c6b253340273a324d5a545776657a767772655f63676f787a677373696f665d7a6576612d3b422530324d5a5c5d746d7a747770675f66696c7c677a57636e69736f7c7067726b612d3b422530324d5a5c5d735a45422731402532304f4d51576d6e656d656e7c5d616c6667705775696c762d314a2732384d45515d64626f5f726d6c6c6d705f6d69706563782731402d3a304f475157717c636e6c6372665d66657269766976617e67732533422d30384d4751577c657876777a6757646c6763742731402532304f4d51577c67787475726d5d6e6e6d637c576c696c6769702d31422d30304d47515f7465787c777a6d5d68616c665764646d63762d3b4225303247475b5d746d7a747770675f68616c6e5d6e646d61745f6c616c6d6370273b4a2532324d4d515774657a76657a5d6372726179576d6a6267637425334a273a3255474a4f4c5f616d646d7a5d627d646667705d666c6f617c273b4a27323057454a45445d616d6578726571716d6657766570767570675d617374632d314a2d30305745424f4e57616d6f787a657371676c5d7c67787c7772675d67746325334a273a38554542474c5761676f72706d7b7365665d7c677076757a675f677661312533422d30385f4742474c5f6b6d657270677b7b65645d766d7a7c77726d5d73317661253342253a325f4d40474c5f63676f787067717b6d645f766770767d706557713376615d737267622d314a2d30305745424f4e576667607d6f5f72676c6c677a6772576b6e646d273342253238554d4a454c5f64657876605d7667707c757267273b402d30305f4742454e5d6472617757607d6e64657273253b402d3032554d4a474c5d6e67716d5d63676c74677a76253342253a325f4d40474c5f6d7d6e7c6b5d667a69773134246f6e576a3d3b64663766646634373438666c6b36303765363a606d3267353c6c323537363e333836643c30353b2475676c763d416c7c6d6e25323049666126247565647a3d496c766d6e2d3030417069712730304f70656645442d3030456e67616c6d2461616c35343332&jb=393735266c71354f67786b6e64692532443726322d30302055696c666d77732532384c5c2d303031302e38273b402730385f696e34362d314a2732387a36362b2732304170786e6d5f67624b69742d304e373135263b36253032204940564d442732412730306c696b6d273a384565636b6f21273a32416a7a676d6527304e3339372e382c35353b322e3137302d30385b63666172692d304e373135263b36
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:33 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Type
text/javascript;charset=UTF-8
clear.png
bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtc01200eb9065595dsac.d.aa.online-metrix.net/fp/ Frame 8994 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtc01200eb9065595dsac.d.aa.online-metrix.net/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&di=yes
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 , United States, ASN30286 (THM, US),
Reverse DNS
d.aa.online-metrix.net
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ Frame C7C7 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 4168148.fls.doubleclick.net
URL: https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
acd67ad087fc6061dfdc4fb2c4ac89fb1cde0654225885b81a889dcbf75141d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4168148.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 18:39:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18400
x-xss-protection
0
server
cafe
etag
8482130582040313580
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 04 Aug 2023 18:39:34 GMT
HP
content.etransfer.interac.ca/fp/ Frame 0188 		19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=b78b963d89edb0ae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
d3a4d2c04165a7a416b56752cbb6702a81c2ad907f27726554c2ec5105b97e0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Length
5801
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=97
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
clear.png
content.etransfer.interac.ca/fp/ Frame F1B5 		81 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, bzmgl3t1/b78b963d89edb0ae9f5d0486-2f68-4a3b-b831-64f62eee19f8
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 04 Aug 2023 18:39:34 GMT
Server
Apache
Etag
61a11cf6fb8b44c387b3679f421af71c
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
Content-Length
81
Expires
Wed, 02 Aug 2028 18:39:34 GMT
ls_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC
content.etransfer.interac.ca/fp/ Frame D92E 		90 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/ls_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
0bd04a1810bb8dde0f29c7b4e3d05b8cb1d5b6d29397ad39b0101223282b2f02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
content.etransfer.interac.ca/fp/ Frame F1B5 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&jb=3b34266c73613532383067673938346335326a366a6464696136633a37636265633d336c6d3130
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC
h.online-metrix.net/fp/ Frame 7447 		103 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
32222b656f5242cce6fcdff3ab1eb445adf790cdfa56a1e5649e70b87d0e4217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
top_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC
content.etransfer.interac.ca/fp/ Frame D537 		89 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/top_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
cf044ee628f324f14f2bd2752515da2d0f5c7c1700c14500538992979e7b5fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=96
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
content.etransfer.interac.ca/fp/ Frame F1B5 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&ja=393a383326266b3f3824783f382e663d3334383270333238322663643f3136303070333a383226737879353270322466787a3d312e333e32382e313a32302e333430302c313a323824322c302c313e32382e333038382c302e322e6f7c3f61303a32636061646337376c666e6c64396561383c33393635323e6a396135632e6f663f342e7163663f3034266c68356a7c7c72732533412d304e2730446b676e74676c7c2c6d7672696c736467702e696e746d70696b2c636125324e76696571273b4e6f72655d61662d31446a786d656e31743125323e716d7b71696f6e5f61662d31463b6e3d6430363a3e2f3a6436302f346331602d623833392f3e3c64363265656d3331643a2478643d332472603f3f3a663a3a616334606366626539333b6a35333837616d326c3160666a3a6434246a603f3a3763383b61353661656565633961303a61663264323c643b3361306a6d303024687b6d35556966666f757127323031302e687b6a3f4368726f65672d303233393d266a716d7d3f5f6b6e6c6d777124687362753d4b6a7a676f65266e686b3f3c246c66653538266c6f7c723532267c78643f4776632532465d6c63666d776e266d697660703f363838336433613a606d61303a6736616137363030383a636c3937353430316e663c373a3a393c3164346769633a36646b3b3463646064373233393139313461266472356a7c7672712d3b412530442d304e67747a636e716467722e696e7c677a69612e6361253a442e723f72647d67696c5d6e6e6971682d374564636e7365217064776f616c5f77696e6c6d7f715d6f6d6c69615d7264637167722d374564636e7365217064776f616c5f61646f6a6757636170676a617427374d64696e736d23706e7765696e5f717d6b6b6376696d65253d476e636e716d29706c7765616c57716867616b756374652535456e63647b6721706c756f6b665d70676964706c637b6d702d37456e636c716723706c7567616c577e6e635f706c697b6d7027374d6e616c71672972647767616c5f666774616c76722d374d6e636c736521786e7d656b6c577b76675d7461677f67722d374564636e7365217064776f616c5f6a617669273d476463647b6526656e57613575656a656c556760474c253238332638273230284f786766454e273a384553273038302632253a32436a706d6d69756d21556d6a454c2532304f4e5b4e2730384d53253032392c382732382a4f72676c474c253238475b2d3030474c5344273a3247512d3a30312c322d303841687a6d6d6b776f29576562436b7c5f67624b69742d30385567604f44414e454e4d5d616c737c636e6167665f617272697b7b2d31422532304d5a5c5d606e6d66645f6f6b666f697a253b402530324758545f63676e677a5d627566666d70576a636e6e57666c6d637c273b40253a32455a565d666c6f617c5d6a64676e6425334a273a32475a5c576672636557666d727460273340273030455854577160696665725f746d7a7c77706757646f6427314a273a324550565f76677a74757265576167657272657373616d665d60727c6b253340273a324d5a545776657a767772655f63676f787a677373696f665d7a6576612d3b422530324d5a5c5d746d7a747770675f66696c7c677a57636e69736f7c7067726b612d3b422530324d5a5c5d735a45422731402532304f4d51576d6e656d656e7c5d616c6667705775696c762d314a2732384d45515d64626f5f726d6c6c6d705f6d69706563782731402d3a304f475157717c636e6c6372665d66657269766976617e67732533422d30384d4751577c657876777a6757646c6763742731402532304f4d51577c67787475726d5d6e6e6d637c576c696c6769702d31422d30304d47515f7465787c777a6d5d68616c665764646d63762d3b4225303247475b5d746d7a747770675f68616c6e5d6e646d61745f6c616c6d6370273b4a2532324d4d515774657a76657a5d6372726179576d6a6267637425334a273a3255474a4f4c5f616d646d7a5d627d646667705d666c6f617c273b4a27323057454a45445d616d6578726571716d6657766570767570675d617374632d314a2d30305745424f4e57616d6f787a657371676c5d7c67787c7772675d67746325334a273a38554542474c5761676f72706d7b7365665d7c677076757a675f677661312533422d30385f4742474c5f6b6d657270677b7b65645d766d7a7c77726d5d73317661253342253a325f4d40474c5f63676f787067717b6d645f766770767d706557713376615d737267622d314a2d30305745424f4e576667607d6f5f72676c6c677a6772576b6e646d273342253238554d4a454c5f64657876605d7667707c757267273b402d30305f4742454e5d6472617757607d6e64657273253b402d3032554d4a474c5d6e67716d5d63676c74677a76253342253a325f4d40474c5f6d7d6e7c6b5d667a69773134246f6e576a3d3b64663766646634373438666c6b36303765363a606d3267353c6c323537363e333836643c30353b2475676c763d416c7c6d6e25323049666126247565647a3d496c766d6e2d3030417069712730304f70656645442d3030456e67616c6d2461616c353132&jb=393735266c71354f67786b6e64692532443726322d30302055696c666d77732532384c5c2d303031302e38273b402730385f696e34362d314a2732387a36362b2732304170786e6d5f67624b69742d304e373135263b36253032204940564d442732412730306c696b6d273a384565636b6f21273a32416a7a676d6527304e3339372e382c35353b322e3137302d30385b63666172692d304e373135263b36
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=94
Content-Type
text/javascript;charset=UTF-8
clear.png
bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtb78b963d89edb0aesac.d.aa.online-metrix.net/fp/ Frame F1B5 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtb78b963d89edb0aesac.d.aa.online-metrix.net/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&di=yes
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 , United States, ASN30286 (THM, US),
Reverse DNS
d.aa.online-metrix.net
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js
content.etransfer.interac.ca/fp/ Frame 19B6 		208 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/check.js?&pageid=99998&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=c01200eb9065595d
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=c01200eb9065595d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
3134c4bd1bb04eb411157ee7f47c1b1ccd8cd0e989fe7a49fd1a6445a586f4f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=c01200eb9065595d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
c01200eb9065595d
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=93
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js
content.etransfer.interac.ca/fp/ Frame 0188 		208 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/check.js?&pageid=99998&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=b78b963d89edb0ae
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=b78b963d89edb0ae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
02de61be1f09c209d7ace91d1791c7faf14841379da3a89807b669e429d545dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=b78b963d89edb0ae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
b78b963d89edb0ae
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=92
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.etransfer.interac.ca/fp/ Frame 700C 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&jf=3b34266c73623532383067673938346335326a366a6464696136633a37636265633d336c6d3130
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/ls_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/fp/ls_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.etransfer.interac.ca/fp/ Frame D92E 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&jf=3b34266c73623532383067673938346335326a366a6464696136633a37636265633d336c6d3130
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/ls_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/fp/ls_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=94
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/981124174/ Frame C7C7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/981124174/?random=1691174374579&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
4a4e446e2cbc6e8216e062a089aa77861656c35e33e3cddf5dffd872ed9c6970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4168148.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1707
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clear.png
content.etransfer.interac.ca/fp/ Frame 8994 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&jac=1&je=3a363026266a6e6c353124686e603d393b3439353964626e3b373135673336376269353d3c60623339626b363a613a24626e746e3f32323038373a3b24706f3f6c6f2662617c717c3527374225323a6e6d74676e2d3a32253143392c3832253a4125303071746174757b273a3a27334125323a61606370656166672530302d354c24617d66683f6163376239653e673e3033636361633e643a6335613931323931343b363e60356b3131353b34623464386c663c3034303033386e673c6432316e6b6438363731246d7a33356431676737396361663f37393c35373635643a36313134353d3a34653b306e646b60383933336363
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=91
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/954740125/ Frame C7C7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/954740125/?random=1691174374656&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
8fbdd50c219ad46342f9c6ad2f55b00488a5fb1d4391a1e4a1685bf26725a9fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4168148.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1730
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/979606057/ Frame C7C7 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/979606057/?random=1691174374661&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
63fd05d4bb9fc1f32d5928248047b6bc7a219810cedd9708d8c514a018849c22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4168148.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1736
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clear.png
content.etransfer.interac.ca/fp/ Frame F1B5 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&jac=1&je=3a313926266a6e6c353124686e603d393b3439353964626e3b373135673336376269353d3c60623339626b363a613a24626e746e3f3232303138332e726d3f6c6d266261747b76352d354225323264677e676e273a3a2533433326323827324b2732307176617475732d303a2d31412532326b6a6970656b666f253230273f462e63756c6a3d616335623965366d34303961636163366e3069356133313a393334313c346a37633b33373b3460346438646c36303e32303338666d366e3231646b6c3834373b2e6770313d6e336567373b636166373d333c3f35363564323c3b3b3435373a3c653930646e616a3a3139316163
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=93
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.google.ca/pagead/1p-conversion/981124174/ Frame C7C7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=353672883&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid...
  • https://www.google.com/pagead/1p-conversion/981124174/?random=353672883&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C46646592...
  • https://www.google.ca/pagead/1p-conversion/981124174/?random=353672883&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/981124174/?random=353672883&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5_jnvtPDgAMV2QloCB3Hgwu7&is_vtc=1&ocp_id=5kXNZOftJNmToPMPx4eu2As&cid=CAQSKQBpAlJWwt6eN_14-bjL1xhCtV9yT3RtGlV5PY1i7Hl2PPgXyK0tFJ1X&random=3551458289&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 4168148.fls.doubleclick.net
URL: https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Protocol
H2
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4168148.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/pagead/1p-conversion/981124174/?random=353672883&cv=9&fst=1691174374579&num=1&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI5_jnvtPDgAMV2QloCB3Hgwu7&is_vtc=1&ocp_id=5kXNZOftJNmToPMPx4eu2As&cid=CAQSKQBpAlJWwt6eN_14-bjL1xhCtV9yT3RtGlV5PY1i7Hl2PPgXyK0tFJ1X&random=3551458289&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-conversion/954740125/ Frame C7C7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=1137575108&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&ei...
  • https://www.google.com/pagead/1p-conversion/954740125/?random=1137575108&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C4664659...
  • https://www.google.ca/pagead/1p-conversion/954740125/?random=1137575108&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C46646592...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/954740125/?random=1137575108&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI57bsvtPDgAMV8g5oCB0_qAhj&is_vtc=1&ocp_id=5kXNZOerKfKdoPMPv9CimAY&cid=CAQSKQBpAlJWwFwauedC_6STegZC5DMtkv71Tqh8tGoa2egBmkN_DhLqUPA3&random=3435824971&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 4168148.fls.doubleclick.net
URL: https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Protocol
H2
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4168148.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/pagead/1p-conversion/954740125/?random=1137575108&cv=9&fst=1691174374579&num=2&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI57bsvtPDgAMV8g5oCB0_qAhj&is_vtc=1&ocp_id=5kXNZOerKfKdoPMPv9CimAY&cid=CAQSKQBpAlJWwFwauedC_6STegZC5DMtkv71Tqh8tGoa2egBmkN_DhLqUPA3&random=3435824971&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clear1.png;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC
content.etransfer.interac.ca/fp/ Frame F1B5 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.etransfer.interac.ca/fp/clear1.png;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&jf=3c33342673696c5d7a6c663f7c6c725f496a7d58514e6d5e7335654d706b4c74267b6b6c57666174653d3934313333353c3b37342471616657767978673d7567603a6563647b632e7b6b645f6b65713f3b32373b3b383133323438353a63383e36386167316430323039323e383a326138363c3a6b673166383b3031323538313c30303832343b34633434633869613a69366363343969606a343234306a64353b3a3f646c3065303a30613b37316332316c346b3e303131663330346c3161363c6a61623b313c336b66383a6138373b376230643069336e313b303337353c363d6136343a38333367373b676934393c3139663066626463666d36306b603861336631666b642471616c5f736b653531383634383032323764313366383c373f3f64343865303a3138613736396b336135643b343c3036316734373533373535356c3b3d386465663134393b6b3137326d31303960373c323a303039646631613b653065326d303d693b656266636c376c6037356b3f363536603d3a3b6766313431373733323263636e33383833656362396c3b3c6664373f3d3926716b6e703532
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=65106E7214497A0A8B8078FE87164431
content.etransfer.interac.ca/fp/ Frame 8994 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.etransfer.interac.ca/fp/clear1.png;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&jf=3c33362673696c5d7a6c663f7c6c725f3072434e6e374e5f69566648686f786c267b6b6c57666174653d3934313333353c3b37342471616657767978673d7567603a6563647b632e7b6b645f6b65713f3b32373b3b383133323438353a63383e36386167316430323039323e383a326138363c3a6b673166383b3031323538313c3030383234313732323561653167386e61623535356b603b3034366e6d66333b3738326b6662313063323335303338356e613f6e363733373539376c6667633030313933673d3a3b3664383337333233663931643e676a6e343630393630673d3236673d6e3764613b69313933616e34663a633032373632693a3d3937393565303b673f3b2471616c5f736b653531383635383032333232383930666d666b6a30653233343930393b313a6a39366563353b3a3933373c6766316335613631653e303d6a34613834373c3b6a3161336a6b39653a6030613032323a3232353366353939393130316a37656536666a3b6e6337603c69336464366b603d60663c3a61303137616361656e3b316d64333266386d356e6135633a3e316632247b6b6e703d38
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=A5B1DD35CB3DA925830B70AB439FAB8B
h.online-metrix.net/fp/ Frame AEDE 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=A5B1DD35CB3DA925830B70AB439FAB8B?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&jf=3c33362673696c5d7a6c663f7c6c725f3260643343407861314144364d783345267b6b6c57666174653d3934313333353c3b37342471616657767978673d7567603a6563647b632e7b6b645f6b65713f3b32373b3b383133323438353a63383e36386167316430323039323e383a326138363c3a6b673166383b3031323538313c30303832346731336661616331313c3b63393530303b606d3361336b6a656633676c3b3933616c6435376132626461636a316a30666263623831673a3a3030383b6631673531333a63393e6731666336376464663c613c6b343336333830636b6632606a6a34303533313a6b60386a3538363464313735653834393b373066393230343a362471616c5f736b653531383635383032323264623533366a646a6b36633264626a666d6060636c3a366666303c636b63333b66333360316265613439313b6d303766303969616a6733313d3e356363346e323a3031383263326330633432656e3a693d6162643065313431633a343e3c63633b346d353137643b3b34376160623334633c373f393b633831303833383b3a306c3c313863247b6b6e703d39
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.google.ca/pagead/1p-conversion/979606057/ Frame C7C7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=979433869&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid...
  • https://www.google.com/pagead/1p-conversion/979606057/?random=979433869&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C46646592...
  • https://www.google.ca/pagead/1p-conversion/979606057/?random=979433869&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-conversion/979606057/?random=979433869&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI3e_svtPDgAMVtQNoCB36NQ14&is_vtc=1&ocp_id=5kXNZN3kKbWHoPMP-uu0wAc&cid=CAQSKQBpAlJWs0xuF6qZ24NeRea0B9F7D_uMLeSbIrIhKstVM8cz_MYf2XtC&random=1476936557&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 4168148.fls.doubleclick.net
URL: https://4168148.fls.doubleclick.net/ddm/fls/r/dc_pre=CJHFoL7Tw4ADFUMJaAgdULAEEA;src=4168148;type=conve922;cat=Inter-;ord=8106035604330;auiddc=945677594.1691174373;gtm=45He3820;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den
Protocol
H2
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://4168148.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 04 Aug 2023 18:39:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/pagead/1p-conversion/979606057/?random=979433869&cv=9&fst=1691174374579&num=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4168148.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJHFoL7Tw4ADFUMJaAgdULAEEA%3Bsrc%3D4168148%3Btype%3Dconve922%3Bcat%3DInter-%3Bord%3D8106035604330%3Bauiddc%3D945677594.1691174373%3Bgtm%3D45He3820%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fetransfer.interac.ca%252FredirectFromShortcutToFi.do%253FpID%253DCAJTJKeA%2526lvt%253D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%2526fiID%253DCA000004%2526lang%253Den&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI3e_svtPDgAMVtQNoCB36NQ14&is_vtc=1&ocp_id=5kXNZN3kKbWHoPMP-uu0wAc&cid=CAQSKQBpAlJWs0xuF6qZ24NeRea0B9F7D_uMLeSbIrIhKstVM8cz_MYf2XtC&random=1476936557&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clear1.png;CIS3SID=53E6A9EB83A91FA151ED1BE5DCF00B91
h.online-metrix.net/fp/ Frame 7447 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=53E6A9EB83A91FA151ED1BE5DCF00B91?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&jf=3c33362673696c5d7a6c663f7c6c725f63716c733e71574d4555466e346d3857267b6b6c57666174653d3934313333353c3b37342471616657767978673d7567603a6563647b632e7b6b645f6b65713f3b32373b3b383133323438353a63383e36386167316430323039323e383a326138363c3a6b673166383b3031323538313c3030383234613066316632656e3b6b3c31623633643e3238603763316b35373a643f353b67353a6062353134323338316a363f3967626339333f366e6660336a3a376232323e356967373d313033303b6166373639346e3d63333766646b3a6d3731363a6a663164316d3b3f3b31303134346160656564336e606931376333343430633a372471616c5f736b653531383635383032333232623333303c3a6c6d3b306631313a663f3b35333f393031663b69613133386d3b62613230356562616c323f3e37393030333866396166636c6e3434673a6d343932323a32353b6130666166333a306c6d61343362376b343d3b643b6c3c343132613e3a3c64316963336663313061663931353e38633630366430633a376667693e366436247b6b6e703d39
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
a-sac.h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:34 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ARF;CIS3SID=BED1894C557925437BB2A54B107B583C
content.etransfer.interac.ca/fp/ Frame 19B6 		35 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/ARF;CIS3SID=BED1894C557925437BB2A54B107B583C?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&pageid=99998&sera_parametere=BUAMBgUBXFdcVA9QAwAAVwVSCVZWAAMDC1QCUFMPAwFWVQNUBgkAUAwCARNGSggNDUBERkMVViYcB3QQAn0QVlNaQldcVQgHV0RFEAZ9EFMhABQFdBVXUlFfRUFGHAYgRgdzFwd0QwZQDVBWAQlTV1IHBwtWBgABWwZTA1YPDVVWUQMDVAdXA1sDUFMAXVEFWggXXF9eBgcEUwYEBwkFAQEJAQQFBVxXXRZcRggJTQVVU1dQVQhQAwkHU1AND1EABgUAVlJSVlIAUgQABFtWBgYJBVEJCQFEWFkLBwABAEIKWQwfARYVCwQJDwwMARMMCA0XUA1zDRBWXVMTV08IVVIFF1BfQ1g1UF5SWkJKEwcBDUVWSm8GA1VcVFRWUhMBFw0HBA%3D%3D&count=0&max=0
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js?&pageid=99998&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
f9d55134bb3aa85d3c867979221c355809cee58d6eda87c4e687499ef66cb23b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=c01200eb9065595d&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:35 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ARF;CIS3SID=67AC7339A5319C233C441AB83C4F70FA
content.etransfer.interac.ca/fp/ Frame 0188 		35 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/ARF;CIS3SID=67AC7339A5319C233C441AB83C4F70FA?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&pageid=99998&sera_parametere=BEcFU1sHV1VeWFxTAwRWVFoEWVMIBgAFAA4AB1UAVQRTB14HXVcCUV1aXUIRQ1wMDEdNFkoTACAdDidBVXREV1JdSwdVU14BVk0WQVF0RFIgBx1VfRMBVFBWFhARFVIhRwB6Rw5yFQBRBAMHVgAHVlMADltfAFYHWg8AUgEGWVRXVgpTXQEBBVoKAwJXVAUEWw8eDFZYUAEFW1JcAAlXVgYPAQddVAMFXR8PF18AGVEBDwsBWAQHUgoJA1ZVB1VXU1QPW11XV1BbDQRcVgJTVAYGXlcMBARCWVBYVlcIVEMLXgVPCBBDDQUAXF1bCEcNCQoeAAR1WxZXVABCAEZcVFMCHgBWRQ4zUVcBCxVDRwYACkwGQ2lQBVRVBwUBW0cAFgoOWw%3D%3D&count=0&max=0
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js?&pageid=99998&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
ab788df9ad1d274fb68c8fb6ad042e12a0eff85153a0bda2d263e6ae9308b6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/fp/HP?session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&org_id=bzmgl3t1&nonce=b78b963d89edb0ae&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:35 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.etransfer.interac.ca/fp/ Frame 8994 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d&jac=1&je=393726267765613f30342c36302631342c31
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:35 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=94
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.etransfer.interac.ca/fp/ Frame F1B5 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae&jac=1&je=393726267765613f30342c36302631342c31
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/check.js;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://content.etransfer.interac.ca/tags?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:35 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
main.jsp
easyweb.td.com/waw/ezw/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://easyweb.td.com/waw/ezw/main.jsp?RID=CAJTJKeA
Requested by
Host: etransfer.interac.ca
URL: https://etransfer.interac.ca/redirectFromShortcutToFi.do?pID=CAJTJKeA&lvt=4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06&fiID=CA000004&lang=en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.170 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-170.deploy.static.akamaitechnologies.com
Software
/ Servlet/3.1
Resource Hash
d883ed534d63691ca9274fa9e0ea217f0abef064ced7d321ad83772758f50cc0
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://etransfer.interac.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cachecontrol
no-cache
content-encoding
gzip
content-language
en-US
content-length
507
content-type
text/html
date
Fri, 04 Aug 2023 18:39:35 GMT
expires
Fri, 04 Aug 2023 18:39:35 GMT
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR DEV PSA PSD CONo TELo ADM TAI OUR LEG PHY ONL UNI FIN CNT PRE GOV PUR NAV INT COM STA"
pragma
no-cache
strict-transport-security
max-age=86400
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
Servlet/3.1
clear.png
content.etransfer.interac.ca/fp/ Frame 5899 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/top_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/fp/top_fp.html;CIS3SID=65106E7214497A0A8B8078FE87164431?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=c01200eb9065595d
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:35 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Access-Control-Allow-Origin
https://content.etransfer.interac.ca
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.etransfer.interac.ca/fp/ Frame D537 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://content.etransfer.interac.ca/fp/clear.png?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Requested by
Host: content.etransfer.interac.ca
URL: https://content.etransfer.interac.ca/fp/top_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.252 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://content.etransfer.interac.ca/fp/top_fp.html;CIS3SID=B9EEDA2026D267DD7440DE2137501FEC?org_id=bzmgl3t1&session_id=9f5d0486-2f68-4a3b-b831-64f62eee19f8&nonce=b78b963d89edb0ae
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:35 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Access-Control-Allow-Origin
https://content.etransfer.interac.ca
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=771346087&t=event&ni=0&_s=1&dl=https%3A%2F%2Fetransfer.interac.ca%2FredirectFromShortcutToFi.do%3FpID%3DCAJTJKeA%26lvt%3D4FFD5643AE6CE7D4887920A327BB94B6D58A159164441E5ACCA01C4E61E11D06%26fiID%3DCA000004%26lang%3Den&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RedirectFromEmail&ea=CA000004%20-%20English&_u=aGDAgAAjAAAAAG~&jid=&gjid=&cid=1713678056.1691174373&tid=UA-53324311-1&_gid=408841491.1691174373&gtm=45He3820n715SR238&cd3=logo&z=665618057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.206 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://etransfer.interac.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Aug 2023 11:10:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26956
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ca.tdbank.banking.servlet.DefaultServlet
easyweb.td.com/waw/ezw/servlet/ Frame B128 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://easyweb.td.com/waw/ezw/servlet/ca.tdbank.banking.servlet.DefaultServlet?referer=main&RID=CAJTJKeA
Requested by
Host: easyweb.td.com
URL: https://easyweb.td.com/waw/ezw/main.jsp?RID=CAJTJKeA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.170 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-170.deploy.static.akamaitechnologies.com
Software
/ Servlet/3.1
Resource Hash
43b3469225c3403353a31da959f680aecb0f0d27d2e65b88891335a115a242fe
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://easyweb.td.com/waw/ezw/main.jsp?RID=CAJTJKeA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cachecontrol
no-cache
content-encoding
gzip
content-language
en-US
content-length
1142
content-type
text/html
date
Fri, 04 Aug 2023 18:39:35 GMT
expires
Fri, 04 Aug 2023 18:39:35 GMT
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR DEV PSA PSD CONo TELo ADM TAI OUR LEG PHY ONL UNI FIN CNT PRE GOV PUR NAV INT COM STA"
pragma
no-cache
strict-transport-security
max-age=86400
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
Servlet/3.1
blank.jsp
easyweb.td.com/waw/ezw/ Frame AF79 		151 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://easyweb.td.com/waw/ezw/blank.jsp
Requested by
Host: easyweb.td.com
URL: https://easyweb.td.com/waw/ezw/main.jsp?RID=CAJTJKeA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.170 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-170.deploy.static.akamaitechnologies.com
Software
/ Servlet/3.1
Resource Hash
e91b774938f8b38cb4d41cc9f5ba491c67a235d939cef54e90ea458a84120285
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://easyweb.td.com/waw/ezw/main.jsp?RID=CAJTJKeA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cachecontrol
no-cache
content-language
en-US
content-length
151
content-type
text/html
date
Fri, 04 Aug 2023 18:39:35 GMT
expires
Fri, 04 Aug 2023 18:39:35 GMT
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CUR DEV PSA PSD CONo TELo ADM TAI OUR LEG PHY ONL UNI FIN CNT PRE GOV PUR NAV INT COM STA"
pragma
no-cache
strict-transport-security
max-age=86400
x-frame-options
SAMEORIGIN
x-powered-by
Servlet/3.1
login-initializer
authentication.td.com/uap-ui/ Frame B99D 		0
580 B 		Document
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/login-initializer?ec=undefined&lang=en_CA&consumer=easyweb
Requested by
Host: easyweb.td.com
URL: https://easyweb.td.com/waw/ezw/servlet/ca.tdbank.banking.servlet.DefaultServlet?referer=main&RID=CAJTJKeA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://easyweb.td.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:35 GMT
Expires
Fri, 04 Aug 2023 18:39:35 GMT
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
authorization.oauth2
authorization.td.com/as/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://authorization.td.com/as/authorization.oauth2?response_type=code%20id_token&client_id=11f15756-c106-4329-a7d8-053d348e8ca6&pfidpadapterid=uapdapter&scope=alev.altr.alev.w%20apay.bpapi.edd.r%20bt.bto.bt.w%20cca.crdsv.cca.r%20cca.crdsv.cca.w%20cca.tdc.cca.r%20cca.tdcbc.cca.r%20ce.oscce.ce.r%20ce.oscce.ce.w%20co.bto.co.r%20ctev.smsg.ctev.r%20debit.acs.debcrd.r%20docg.oscdd.docg.w%20docm.dom.docom.w%20docm.fn.repo.r%20docm.fn.repo.w%20enr.papi.enr.r%20enr.papi.enr.w%20enr.tdw.prdc.r%20enr.tdw.prdc.w%20ffc.woe.ff.r%20ffc.woe.ff.w%20ffc.woe.ffdoc.r%20frds.frd.frds.w%20ft.das.fts.r%20ft.elgty.ft.r%20ft.papi.ft.r%20ft.papi.ft.w%20ftq.papi.ftq.w%20inva.rpm.inva.r%20inva.wft.inva.r%20invp.wdsm.invp.r%20invp.wdsm.mktq.r%20km.kms.ce.w%20la.tdc.lag.r%20la.tdc.lag.rre.w%20lu.papi.lu.r%20mtag.mtg.mtag.r%20mtag.mtg.mtag.w%20notf.papi.ft.r%20notf.papi.ft.w%20prts.capa.prts.r%20prts.capd.prts.r%20prts.cif.prts.r%20prts.cif.prts.w%20prts.elgty.prts.r%20prts.radar.prts.r%20prts.radar.prts.w%20serreqs.ctssd.iss.w%20stmt.sdapi.estmt.r%20stmt.sdapi.estmt.w%20to.rpm.to.r%20vlet.dcc.vlet.w&nonce=8dd1b62f-5068-48be-8572-115129f3ef02&redirect_uri=https://easyweb.td.com/waw/ezw/initialize.jsp?RID=CAJTJKeA&state=EASYWEB
Requested by
Host: easyweb.td.com
URL: https://easyweb.td.com/waw/ezw/servlet/ca.tdbank.banking.servlet.DefaultServlet?referer=main&RID=CAJTJKeA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
015c3ea862abf5ff544f073178c60230695dcfb2c141f9154711c64fad4c365b
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://easyweb.td.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
757
Content-Type
text/html;charset=utf-8
Date
Fri, 04 Aug 2023 18:39:35 GMT
Expires
Fri, 04 Aug 2023 18:39:35 GMT
Pragma
no-cache
Server
Apache
Server-Timing
dtRpid;desc="1034168634"
Strict-Transport-Security
max-age=86400
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-OneAgent-JS-Injection
true
ruxitagentjs_ICA2NVfgjqru_10205201218101503.js
authorization.td.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://authorization.td.com/ruxitagentjs_ICA2NVfgjqru_10205201218101503.js
Requested by
Host: authorization.td.com
URL: https://authorization.td.com/as/authorization.oauth2?response_type=code%20id_token&client_id=11f15756-c106-4329-a7d8-053d348e8ca6&pfidpadapterid=uapdapter&scope=alev.altr.alev.w%20apay.bpapi.edd.r%20bt.bto.bt.w%20cca.crdsv.cca.r%20cca.crdsv.cca.w%20cca.tdc.cca.r%20cca.tdcbc.cca.r%20ce.oscce.ce.r%20ce.oscce.ce.w%20co.bto.co.r%20ctev.smsg.ctev.r%20debit.acs.debcrd.r%20docg.oscdd.docg.w%20docm.dom.docom.w%20docm.fn.repo.r%20docm.fn.repo.w%20enr.papi.enr.r%20enr.papi.enr.w%20enr.tdw.prdc.r%20enr.tdw.prdc.w%20ffc.woe.ff.r%20ffc.woe.ff.w%20ffc.woe.ffdoc.r%20frds.frd.frds.w%20ft.das.fts.r%20ft.elgty.ft.r%20ft.papi.ft.r%20ft.papi.ft.w%20ftq.papi.ftq.w%20inva.rpm.inva.r%20inva.wft.inva.r%20invp.wdsm.invp.r%20invp.wdsm.mktq.r%20km.kms.ce.w%20la.tdc.lag.r%20la.tdc.lag.rre.w%20lu.papi.lu.r%20mtag.mtg.mtag.r%20mtag.mtg.mtag.w%20notf.papi.ft.r%20notf.papi.ft.w%20prts.capa.prts.r%20prts.capd.prts.r%20prts.cif.prts.r%20prts.cif.prts.w%20prts.elgty.prts.r%20prts.radar.prts.r%20prts.radar.prts.w%20serreqs.ctssd.iss.w%20stmt.sdapi.estmt.r%20stmt.sdapi.estmt.w%20to.rpm.to.r%20vlet.dcc.vlet.w&nonce=8dd1b62f-5068-48be-8572-115129f3ef02&redirect_uri=https://easyweb.td.com/waw/ezw/initialize.jsp?RID=CAJTJKeA&state=EASYWEB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authorization.td.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:36 GMT
Cache-Control
max-age=86384
Strict-Transport-Security
max-age=86400
Server
Apache
Connection
keep-alive
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Primary Request /
authentication.td.com/uap-ui/
Redirect Chain
  • https://authentication.td.com/uap-ui/initiate-sso
  • https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA
  • https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c93e08afdf83b60a63e2473d39e6a30a5d6b63f0ddbc14fcb7d4c16023898bff
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://authorization.td.com
Referer
https://authorization.td.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en-CA
Content-Length
1000
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:36 GMT
Expires
Fri, 04 Aug 2023 18:39:36 GMT
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=86400
Vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Language
en-CA
Content-Type
text/html;charset=UTF-8
Date
Fri, 04 Aug 2023 18:39:36 GMT
Expires
Fri, 04 Aug 2023 18:39:36 GMT
Location
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=86400
x-content-type-options
nosniff
x-xss-protection
1; mode=block
td_common_153.js
authentication.td.com/waw/idp/js/ 		237 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/waw/idp/js/td_common_153.js
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec6e2de5e83756b9791f3f6e699bf21fe550d00c8b7979d016ea1c88a46948f7
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Ion-Hop
1
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive, Transfer-Encoding
Expires
Fri, 04 Aug 2023 18:39:36 GMT
styles.7daa7d1af2572a52daba.css
authentication.td.com/uap-ui/ 		312 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82e6f0f6c01462b56973940030d1225c4057f0b29208441d95ce4974eabcdc75
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Last-Modified
Wed, 02 Aug 2023 12:59:34 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=48808
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49763
X-XSS-Protection
1; mode=block
runtime-es2015.e748bfeb478370a35d92.js
authentication.td.com/uap-ui/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/runtime-es2015.e748bfeb478370a35d92.js
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Origin
https://authentication.td.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Last-Modified
Fri, 28 Jul 2023 10:52:03 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=75767
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
719
X-XSS-Protection
1; mode=block
polyfills-es2015.965da94d3645816204ff.js
authentication.td.com/uap-ui/ 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/polyfills-es2015.965da94d3645816204ff.js
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8263dca9319e99b14190a28a9e19654949ae5fc7805a9ff211a8e2b0e8fcd45b
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Origin
https://authentication.td.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Last-Modified
Sun, 30 Jul 2023 00:46:25 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=37642
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55542
X-XSS-Protection
1; mode=block
scripts.13cd3f9c93f86b02bd4f.js
authentication.td.com/uap-ui/ 		214 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/scripts.13cd3f9c93f86b02bd4f.js
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e409d5c97689db8631775a5d9d7156e7d41abb34ff20b8aa3512e08f66054c3b
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Last-Modified
Sat, 29 Jul 2023 01:44:47 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86173
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
69288
X-XSS-Protection
1; mode=block
main-es2015.63dbd088aafcc9297499.js
authentication.td.com/uap-ui/ 		2 MB
421 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/main-es2015.63dbd088aafcc9297499.js
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3f18e2ccc9a3f85f1a928ddbaf749d5b656402f782845d6fe908f6ca2b45740
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Origin
https://authentication.td.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Fri, 04 Aug 2023 18:39:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Last-Modified
Sun, 30 Jul 2023 08:14:25 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=84263
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
430861
X-XSS-Protection
1; mode=block
weblysleekuisl-webfont.66604a205b26ae0393b2.woff2
authentication.td.com/uap-ui/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/weblysleekuisl-webfont.66604a205b26ae0393b2.woff2
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Origin
https://authentication.td.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:36 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Jul 2023 06:52:12 GMT
Server
Apache
Content-Type
application/font-woff2
X-Cnection
close
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21472
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Aug 2023 18:39:36 GMT
i18n-en-ca.json
authentication.td.com/uap-ui/translations/cacheable/easyweb/ 		124 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/translations/cacheable/easyweb/i18n-en-ca.json
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e3ef3ddcd9783167eb7025b00abacd1cfe842fe0b91d5f8b76d933ffa61ad31
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Server
Apache
ETag
"0065be219c751e9a0d2415c9d1956bb1c"
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
29035
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Aug 2023 18:39:37 GMT
transfer-configuration
authentication.td.com/uap-ui/ 		285 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/transfer-configuration
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
20a1ffafb4ac67e745c5f808633d36a6e97e0889d58bd49d700d229f8a38daee
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
application/json
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
285
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Aug 2023 18:39:37 GMT
generic-config
authentication.td.com/waw/idp/authn/v1/ 		896 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/waw/idp/authn/v1/generic-config
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e5806ff9baca6bd9fabf0270574f2e73efe3e3b2c791715da7e35180750fc6a
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Server
Apache
Vary
Accept-Encoding
Content-Type
application/json
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
471
X-XSS-Protection
1; mode=block
Clone-ID
BB1
Expires
Fri, 04 Aug 2023 18:39:37 GMT
oidc-config
authentication.td.com/waw/idp/authn/v1/ 		2 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/waw/idp/authn/v1/oidc-config
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
application/json
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
2
X-XSS-Protection
1; mode=block
Clone-ID
BB1
Expires
Fri, 04 Aug 2023 18:39:37 GMT
remember-me
authentication.td.com/waw/idp/authn/v1/ 		27 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/waw/idp/authn/v1/remember-me
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d49999a1317ad5863acc07dde1aa5f1282440ee94aa27a926dd740fa2ae58758
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
application/json
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
27
X-XSS-Protection
1; mode=block
Clone-ID
BB1
Expires
Fri, 04 Aug 2023 18:39:37 GMT
TDGraphik-Light-Web.ac32324d8d2bb0cdec57.woff2
authentication.td.com/uap-ui/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/TDGraphik-Light-Web.ac32324d8d2bb0cdec57.woff2
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43ad095f34da8d8d17e1aa49feec927460e0f3cd1d58448164d2f65c19477f97
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Origin
https://authentication.td.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Jul 2023 06:52:13 GMT
Server
Apache
Content-Type
application/font-woff2
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37564
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Aug 2023 18:39:37 GMT
getEmsContent
www.wcmcaas.td.com/api/ca/em-msg//en/EW_UAP/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.wcmcaas.td.com/api/ca/em-msg//en/EW_UAP/1/getEmsContent
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.0.237 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,domainname
Access-Control-Request-Method
GET
Origin
https://authentication.td.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
accept-language, content-type, domainname
access-control-allow-origin
*
cache-control
max-age=28800
content-length
489
content-type
text/html; charset=iso-8859-1
date
Fri, 04 Aug 2023 18:39:37 GMT
expires
Sat, 05 Aug 2023 02:39:37 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
x-dispatcher
dispatcher2canadacentral
x-tdec-version
4.70
x-vhost
caas-publish
ast.js
acdn.adnxs.com/ast/ 		100 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/main-es2015.63dbd088aafcc9297499.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b72af59b1d95751583f25bee44592d7026c8b9f6922fd5bfff7ecd961c6859c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires
Tue, 11 Jul 2023 13:31:10 GMT
Date
Fri, 04 Aug 2023 18:39:37 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
18438
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
34495
X-Served-By
cache-lga21942-LGA, cache-yyz4556-YYZ
Last-Modified
Mon, 10 Jul 2023 13:28:42 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1691174377.400872,VS0,VE0
ETag
W/"64ac078a-19032"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
2763, 4142
Bootstrap.js
nexus.ensighten.com/tdb/uap-prod/ 		452 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/main-es2015.63dbd088aafcc9297499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.120 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 30 Jul 2023 15:09:08 GMT
x-amz-version-id
jweYxGZqEfpF11Ryskmr4iEkjYeaImCg
content-encoding
gzip
via
1.1 83fa5376b39b1a76db557ab22fa73856.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
444630
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sun, 30 Jul 2023 15:07:11 GMT
server
CloudFront
etag
W/"843ea0c72fb686951db8e27f5509c72d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
JCGqEoHvo551vfVzJghar3yCJUBlGkrShMG0yc_-sJwE-1zyCLZm6Q==
dfb31537.js
bcdn.td.com/scripts/dfb31537/ 		438 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bcdn.td.com/scripts/dfb31537/dfb31537.js
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/main-es2015.63dbd088aafcc9297499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.96 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 78151a5252ddc63300143dbe81b1f0c4.cloudfront.net (CloudFront)
date
Fri, 04 Aug 2023 00:01:27 GMT
last-modified
Thu, 05 Sep 2019 12:10:44 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
67091
etag
"7012843ee1c67ec33ff7864d165ea40b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
102227
x-amz-cf-id
rltSqtMBfSzneQE7oyCNuP3kCOacixnRUWkwaE827cebZ5GnVEgglQ==
getting_started_uap.tpl.html
authentication.td.com/uap-ui/fragments/cacheable/easyweb/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/fragments/cacheable/easyweb/getting_started_uap.tpl.html
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b003829e27c2fae081e1568a2cf86d0d65e6f2549c13ffd3ec394589e1bbfe69
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Server
Apache
ETag
"077732f6e10257169cac58fe989de1d15"
Vary
Accept-Encoding
Content-Type
text/html;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1488
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Aug 2023 18:39:37 GMT
legal_uap.tpl.html
authentication.td.com/uap-ui/fragments/cacheable/easyweb/ 		2 KB
901 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/fragments/cacheable/easyweb/legal_uap.tpl.html
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a73ab71c9ffb7850a1b0e8f74ff8e1d911a6d52bfe4716da164667a8e2ba205d
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400
Server
Apache
ETag
"05cd89d4c27ef01e0331a1fcde224d784"
Vary
Accept-Encoding
Content-Type
text/html;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
362
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Aug 2023 18:39:37 GMT
getEmsContent
www.wcmcaas.td.com/api/ca/em-msg//en/EW_UAP/1/ 		21 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wcmcaas.td.com/api/ca/em-msg//en/EW_UAP/1/getEmsContent
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.0.237 -, , ASN (),
Reverse DNS
Software
ECD (cha/8091) /
Resource Hash
2f756735cc9373185086bec53761d4b488c2370a96fc3bec1b63acc4fb3c0d87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-dispatcher
dispatcher2canadacentral
date
Fri, 04 Aug 2023 18:39:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
age
515
x-vhost
caas-publish
x-cache
HIT
x-tdec-version
4.70
content-length
21
x-xss-protection
1; mode=block
last-modified
Fri, 04 Aug 2023 07:05:44 GMT
server
ECD (cha/8091)
etag
"15-6021386854840"
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-language, content-type, domainname
expires
Sat, 05 Aug 2023 07:09:19 GMT
tmx-config
authentication.td.com/waw/idp/authn/v1/ 		170 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/waw/idp/authn/v1/tmx-config
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
366bec560015662e811af39800a997f5067136f1e6852bf3193660050bd357b7
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

domainName
easyweb
Accept
application/json, text/plain, */*
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
application/json
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
170
X-XSS-Protection
1; mode=block
Clone-ID
BB1
Expires
Fri, 04 Aug 2023 18:39:37 GMT
footer_seat.png
authentication.td.com/uap-ui/assets/img/ 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://authentication.td.com/uap-ui/assets/img/footer_seat.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e3f935ac779b7440c7ce9981857ed58156acf3c0c4e65bac733b31210f6fb97
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Last-Modified
Mon, 31 Jul 2023 14:48:09 GMT
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
157576
X-XSS-Protection
1; mode=block
icons.4a4e4163bc508eee5cec.woff2
authentication.td.com/uap-ui/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/icons.4a4e4163bc508eee5cec.woff2?7x0g4p
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
90400b04843bd9ff25ca2b1864b794caf7f50dfd1171707339ab9c0cf63c78c7
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Origin
https://authentication.td.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Jul 2023 06:52:13 GMT
Server
Apache
Content-Type
application/font-woff2
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48892
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Aug 2023 18:39:37 GMT
weblysleekuil-webfont.6755d12c56285cf53676.woff2
authentication.td.com/uap-ui/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://authentication.td.com/uap-ui/weblysleekuil-webfont.6755d12c56285cf53676.woff2
Requested by
Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f8f92a1913474ebb54f27bb9a908eb8006c76665ed14ed7ebea958b661b4b7a
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://authentication.td.com/uap-ui/styles.7daa7d1af2572a52daba.css
Origin
https://authentication.td.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Jul 2023 06:52:13 GMT
Server
Apache
Content-Type
application/font-woff2
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18916
X-XSS-Protection
1; mode=block
Expires
Fri, 04 Aug 2023 18:39:37 GMT
country_ca.png
authentication.td.com/uap-ui/assets/img/ 		228 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://authentication.td.com/uap-ui/assets/img/country_ca.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0373017fc21c582e0897f8f97d648ccc9fbd188a315b74940a86cbfdb4f361fb
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Last-Modified
Fri, 28 Jul 2023 00:53:38 GMT
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
228
X-XSS-Protection
1; mode=block
country_us.png
authentication.td.com/uap-ui/assets/img/ 		156 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://authentication.td.com/uap-ui/assets/img/country_us.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d6b16b0f2068f7256c58f598770ae2ab34dfa4a4add0316fdd5057b1953a408c
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Last-Modified
Mon, 31 Jul 2023 10:31:14 GMT
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
156
X-XSS-Protection
1; mode=block
td-logo.png
authentication.td.com/uap-ui/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://authentication.td.com/uap-ui/assets/img/td-logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.148.153 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-51-148-153.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9682e19c129f7675bf49c78b22a6fb88b0d7fe6442cb6f3e2b555b5e94bb3ca
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Aug 2023 18:39:37 GMT
Strict-Transport-Security
max-age=86400
X-Content-Type-Options
nosniff
Last-Modified
Sat, 29 Jul 2023 16:24:04 GMT
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3175
X-XSS-Protection
1; mode=block
showPassword.svg
authentication.td.com/uap-ui/assets/img/ 		0
0
1rrzmnx5crvepevd.js
tmx.td.com/ 		0
0
v3
ib.adnxs.com/ut/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
authentication.td.com
URL
https://authentication.td.com/uap-ui/assets/img/showPassword.svg
Domain
tmx.td.com
URL
https://tmx.td.com/1rrzmnx5crvepevd.js?o2is88vcsa9081ho=i8n5h0pw&pjhan5k2fhmlbbmc=829da521-c62d-433f-9b7e-59c2dc4a3d44
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _0x8142 object| webpackJsonp function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| threatmetrix function| toggleCollapsibleContent object| __zone_symbol__loadfalse function| $ function| jQuery object| Modernizr function| Dragdealer object| picturefillCFG function| picturefill object| modules_ext object| global_ext boolean| android boolean| iOS object| g object| jQuery1111013589205828431816 object| __zone_symbol__resizefalse function| Hammer object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__orientationchangefalse object| apntag object| tms_tag object| cdApi function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__ON_PROPERTYload function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

24 Cookies

Domain/Path Name / Value
easyweb.td.com/waw/ezw Name: TD-persist
Value: BDC
authentication.td.com/uap-ui Name: JSESSIONID
Value: kBZrDWI7EUYoLFvwi8JvCwQx_8LRW0tqNI_XvmPz.BB1
etransfer.interac.ca/ Name: JSESSIONID
Value: z+aGvVtsfuOKY30AK2r7JMsS
etransfer.interac.ca/ Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE
Value: en
etransfer.interac.ca/ Name: GW
Value: df9c00cb-7a56-47c8-8c7e-d2c987ec1584
etransfer.interac.ca/ Name: FASSID1
Value: rd1o00000000000000000000ffff0a3260a5o8080
.interac.ca/ Name: visid_incap_949440
Value: NuW5+j9bR3W0pyGdV4Y1CORFzWQAAAAAQUIPAAAAAACTCgYp3hGrBoAI/aqk2DXQ
.interac.ca/ Name: nlbi_949440
Value: xrp4Nv/C+WTRjMGNeOCgdwAAAAAWmZgXbw8wYVIdnb2BR4Wt
.interac.ca/ Name: incap_ses_8072_949440
Value: 0H8uIAbQvnVCOsnPEYIFcORFzWQAAAAAIX5HRw5Ykf6Fh5ObyvX4MA==
content.etransfer.interac.ca/ Name: thx_guid
Value: 62241aa2cc10ca34105c70c965f230b9
.interac.ca/ Name: _gcl_au
Value: 1.1.945677594.1691174373
.etransfer.interac.ca/ Name: _ga
Value: GA1.3.1713678056.1691174373
.etransfer.interac.ca/ Name: _gid
Value: GA1.3.408841491.1691174373
.etransfer.interac.ca/ Name: _dc_gtm_UA-53324311-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkZdGVwCQaAW9pC-scqRtv8dfUNlp_Zg3RL3HuNj3qWoqmOWeNSKbzn2ArZBIY
.td.com/ Name: com.td.WAWID
Value: easyweb.td.com/waw/ezw
easyweb.td.com/ Name: JSESSIONID
Value: 0000SpAC0GZuyfbMr1c-RHHTyXL:1e2njr9au
.td.com/ Name: uapCookieInfo
Value: ec%3Dundefined%26lang%3Den_CA%26consumer%3Deasyweb%26tsnConsumerAppId%3Dnull
authentication.td.com/ Name: TD-persist
Value: BDCB
.td.com/ Name: dtCookie
Value: v_4_srv_27_sn_A110CBF0388343FACE1B932F57230422_perc_100000_ol_0_mul_1_app-3Abd0783a7658b6f3a_1
authorization.td.com/ Name: PF
Value: ts1wLczVsXN6QcY5jGIXM8
authorization.td.com/ Name: TD-persist
Value: BDC
authentication.td.com/ Name: authenticationContextInfo
Value: resumePath%3D%2Fas%2FxulwR%2Fresume%2Fas%2Fauthorization.ping%26ogRequired%3Dtrue%26ogCookieName%3Dcom.td.ew.SSO_GUID%26ec%3Dundefined%26flowType%3Dauthcode
.td.com/ Name: HD4bjx6N
Value: A18U2cGJAQAA9Im1J2m_fx_ZUQJwx-OtKPBKJOoYvlV7JJxIay3hJa082lQQAVYwDgOucirJwH8AAEB3AAAAAA|1|0|7f3d971f14e1f4288496e627f857bc2f0344aada

2 Console Messages

Source Level URL
Text
network error URL: https://authorization.td.com/ruxitagentjs_ICA2NVfgjqru_10205201218101503.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://bcdn.td.com/scripts/dfb31537/dfb31537.js(Line 7)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4168148.fls.doubleclick.net
acdn.adnxs.com
adservice.google.ca
adservice.google.com
authentication.td.com
authorization.td.com
bcdn.td.com
bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtb78b963d89edb0aesac.d.aa.online-metrix.net
bzmgl3t1giljnu4dskziekazlxyrwnebf3dt66dtc01200eb9065595dsac.d.aa.online-metrix.net
content.etransfer.interac.ca
easyweb.td.com
etransfer.interac.ca
googleads.g.doubleclick.net
h.online-metrix.net
ib.adnxs.com
nexus.ensighten.com
stats.g.doubleclick.net
tmx.td.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.wcmcaas.td.com
authentication.td.com
ib.adnxs.com
tmx.td.com
13.225.214.96
142.250.65.194
142.250.80.98
142.250.81.230
142.251.35.162
142.251.40.164
142.251.40.206
142.251.40.98
151.101.65.108
152.199.0.237
172.217.13.104
172.217.13.195
172.253.115.155
18.164.116.120
184.51.148.153
184.51.148.170
192.225.158.1
192.225.158.252
192.225.158.3
199.83.128.144
00f5f13f6f204b290b0577edf43e112dc301cf57b1e025fbabddf96950f6bb3b
015c3ea862abf5ff544f073178c60230695dcfb2c141f9154711c64fad4c365b
02de61be1f09c209d7ace91d1791c7faf14841379da3a89807b669e429d545dd
0373017fc21c582e0897f8f97d648ccc9fbd188a315b74940a86cbfdb4f361fb
0bd04a1810bb8dde0f29c7b4e3d05b8cb1d5b6d29397ad39b0101223282b2f02
0c101aa68ad229c333c5b47a0d7498f7c642e133349b19d7895026d93afbb049
0f00822f9ece9b35119961e49841737b03773f49cb47f4c993058adbde334a41
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20a1ffafb4ac67e745c5f808633d36a6e97e0889d58bd49d700d229f8a38daee
2e3ef3ddcd9783167eb7025b00abacd1cfe842fe0b91d5f8b76d933ffa61ad31
2e3f935ac779b7440c7ce9981857ed58156acf3c0c4e65bac733b31210f6fb97
2f756735cc9373185086bec53761d4b488c2370a96fc3bec1b63acc4fb3c0d87
3134c4bd1bb04eb411157ee7f47c1b1ccd8cd0e989fe7a49fd1a6445a586f4f6
32222b656f5242cce6fcdff3ab1eb445adf790cdfa56a1e5649e70b87d0e4217
366bec560015662e811af39800a997f5067136f1e6852bf3193660050bd357b7
36cc118457cfdcf705f839079076fd82417a50940c786464c2f6550ff430a389
3a74d888d8047dc3ec33a7fecbae578ad225d55d079f68f8b5aec3999263af40
3b72af59b1d95751583f25bee44592d7026c8b9f6922fd5bfff7ecd961c6859c
43ad095f34da8d8d17e1aa49feec927460e0f3cd1d58448164d2f65c19477f97
43b3469225c3403353a31da959f680aecb0f0d27d2e65b88891335a115a242fe
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a4e446e2cbc6e8216e062a089aa77861656c35e33e3cddf5dffd872ed9c6970
63fd05d4bb9fc1f32d5928248047b6bc7a219810cedd9708d8c514a018849c22
69285b92666d771f3ad19cd7cd53fbb19aab38854847350772b1837a4a2e523c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
6df3a2c90c981cfdc1129c817eb96adc550c60d6e9dff4eb4bd3ef0e7096be59
79348fc78322847c4ea974326e8fe6ac72708c82eccdbb8eb52f525ef2e4b2ca
7e5806ff9baca6bd9fabf0270574f2e73efe3e3b2c791715da7e35180750fc6a
7f8f92a1913474ebb54f27bb9a908eb8006c76665ed14ed7ebea958b661b4b7a
8263dca9319e99b14190a28a9e19654949ae5fc7805a9ff211a8e2b0e8fcd45b
82e6f0f6c01462b56973940030d1225c4057f0b29208441d95ce4974eabcdc75
872c51c692ea100c30d2dedef5de15cb7c8ffb721f754c9a1b5916c428320ec4
8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f
8d033583fc508bbfe6c204fda7dcc5af0a7d6ec1631c79892537fdc467d5f66b
8fbdd50c219ad46342f9c6ad2f55b00488a5fb1d4391a1e4a1685bf26725a9fa
90400b04843bd9ff25ca2b1864b794caf7f50dfd1171707339ab9c0cf63c78c7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a3ee664b3de72360fba0c99ad23ab06aa48a477a4735f01c48ba1ff62d0f77f0
a73ab71c9ffb7850a1b0e8f74ff8e1d911a6d52bfe4716da164667a8e2ba205d
aa8f02bc2135c52abc9c9f37faa64d38a02f802dbd97f62fbb3d43b99679caef
ab788df9ad1d274fb68c8fb6ad042e12a0eff85153a0bda2d263e6ae9308b6dc
acd67ad087fc6061dfdc4fb2c4ac89fb1cde0654225885b81a889dcbf75141d0
b003829e27c2fae081e1568a2cf86d0d65e6f2549c13ffd3ec394589e1bbfe69
c8e0f3a4b4db79e949af5d5d767c83b1d8167a92dcd40f095ed6e09d75f5eddc
c93e08afdf83b60a63e2473d39e6a30a5d6b63f0ddbc14fcb7d4c16023898bff
cf044ee628f324f14f2bd2752515da2d0f5c7c1700c14500538992979e7b5fbc
d1edfc0790366f7ad281548a12707239fe8d54f5e5ec09e08471fc7f1e4faf65
d3a4d2c04165a7a416b56752cbb6702a81c2ad907f27726554c2ec5105b97e0a
d3f18e2ccc9a3f85f1a928ddbaf749d5b656402f782845d6fe908f6ca2b45740
d49999a1317ad5863acc07dde1aa5f1282440ee94aa27a926dd740fa2ae58758
d6b16b0f2068f7256c58f598770ae2ab34dfa4a4add0316fdd5057b1953a408c
d883ed534d63691ca9274fa9e0ea217f0abef064ced7d321ad83772758f50cc0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409d5c97689db8631775a5d9d7156e7d41abb34ff20b8aa3512e08f66054c3b
e91b774938f8b38cb4d41cc9f5ba491c67a235d939cef54e90ea458a84120285
e9682e19c129f7675bf49c78b22a6fb88b0d7fe6442cb6f3e2b555b5e94bb3ca
ec6e2de5e83756b9791f3f6e699bf21fe550d00c8b7979d016ea1c88a46948f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70c47358b2aad72ecc69e8f7769194ac5ed8c91eec8796e38fd5a7049547710
f9d55134bb3aa85d3c867979221c355809cee58d6eda87c4e687499ef66cb23b