tdbank.banklocationmaps.ca Open in urlscan Pro
2606:4700:20::ac43:4746 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
Effective URL:
https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
Submission: On March 14 via api (March 14th 2024, 12:37:39 am UTC) from US — Scanned from US

Summary HTTP 106 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 13 domains to perform 106 HTTP transactions. The main IP is 2606:4700:20::ac43:4746, located in United States and belongs to CLOUDFLARENET, US. The main domain is tdbank.banklocationmaps.ca.
TLS certificate: Issued by E1 on February 20th 2024. Valid for: 3 months.

This is the only time tdbank.banklocationmaps.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:802	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2606:4700:20:... 2606:4700:20::ac43:4746	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
9	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
2	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
19	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1 2	104.26.9.177 104.26.9.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
8	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
4	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:808::2004	15169 (GOOGLE) (GOOGLE)
106	21

1 2606:4700:20::681a:802 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tdbank.banklocationmaps.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:4746 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tdbank.banklocationmaps.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.177 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

metrics.getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.182 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:808::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	criteo.net static.criteo.net — Cisco Umbrella Rank: 677 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3146 csm.us.criteo.net — Cisco Umbrella Rank: 3267	682 KB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	454 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	71 KB
11	banklocationmaps.ca 2 redirects tdbank.banklocationmaps.ca	143 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	52 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	173 KB
7	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 3191 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6766 cat.va.us.criteo.com — Cisco Umbrella Rank: 3391	102 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	332 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 500	2 KB
2	getrockerbox.com 1 redirects metrics.getrockerbox.com — Cisco Umbrella Rank: 5162	989 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	88 KB
106	13

	Domain	Requested by
19	static.criteo.net	ads.us.criteo.com cdnjs.cloudflare.com tdbank.banklocationmaps.ca static.criteo.net
14	pagead2.googlesyndication.com	tdbank.banklocationmaps.ca pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	tdbank.banklocationmaps.ca	2 redirects tdbank.banklocationmaps.ca
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	imageproxy.us.criteo.net	ads.us.criteo.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	csi.gstatic.com	www.gstatic.com
4	csm.us.criteo.net	ads.us.criteo.com
3	www.gstatic.com	tdbank.banklocationmaps.ca googleads.g.doubleclick.net
3	ads.us.criteo.com	googleads.g.doubleclick.net www.gstatic.com
3	www.google-analytics.com	www.googletagmanager.com
2	secure.adnxs.com	2 redirects
2	metrics.getrockerbox.com	1 redirects ads.us.criteo.com
2	cat.va.us.criteo.com	ads.us.criteo.com
2	rtb.va.us.criteo.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	tdbank.banklocationmaps.ca
1	www.google.com	tpc.googlesyndication.com
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	tdbank.banklocationmaps.ca
106	21

This site contains links to these domains. Also see Links.

Domain
www.banklocationmaps.ca
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
banklocationmaps.ca E1	`2024-02-20` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2024-04-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-31` - `2024-05-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-29` - `2024-05-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
Frame ID: D3B2968E85C0C77676E1A166FFFA9835
Requests: 33 HTTP requests in this frame

Frame: https://tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: 9A4B2E2CEA2EAEE20419C808ACD275DB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20190131/zrt_lookup_fy2021.html
Frame ID: 961EAB811FB2B88B6C4E6CFD8244A4D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&adk=1812271804&adf=3025194257&lmt=1710376655&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_l%7C164x675_r&format=0x0&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376654520&bpp=11&bdt=547&idt=635&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4413029614952&frm=20&pv=2&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=652
Frame ID: EE4899EA759573356591FEC77ADAADA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=280&adk=1213588912&adf=1994834710&pi=t.aa~a.2280143961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710376655&rafmt=1&to=qs&pwprc=1459622480&format=1200x280&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376654532&bpp=1&bdt=558&idt=644&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4413029614952&frm=20&pv=1&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=647
Frame ID: 2A08BD02C7506E2BBFDF7ACE0B071875
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfJGzwAEE_oE0bewAA-zJXO9Hyte1oC994BmRA&u=%7CU4pk0aDCdvsuAmZ8Gg9UNVxQnhPiLkur4pDQt9mJK7Y%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AwgV9_tmkG55DBWSh3N1mTNlLjGTiM8M90GWTd2XdULog6V9dxo2IaTzBA79fAUUkG_qOVNNtGPOat8btAJ6SwK1oaoGElQYazRgu3XeuQu-lqYZyfD7aukIF58XAQ1QsXD1e_HA3rSAHgj2mqarHRsq8gSPlxZe1SrwZsPZQ9OAEHCAFjwik3W-uUfAKFjhS_6YQ4QpWepHjfyJ09ZDi2BF_Tls5jXEpH0Duzwn3j8_-VlPfBpkKXcGEawFSLoSJoTW7yOh8zSkn6Y7ys0hjbu52jsGT4trGfd87hcnMYFoFCzKAuNagJNcIiug5DZkvy_reo_hdxdixM-pPcniZd2JvJYP1JiwN-dqk8_QpKaLLJzO31iEFVcTiXL62bdQ0e2Cbtti77NyzeuXKEIxtEavYbxcV_wQPItgzgqnFTaTXfGVr8c1lTqBesjlmTGgnbmcy9A7XJo8UbbSe1vYrd-qnfsI6_zA3AnlgCjg_wixzODm3Q2Dr6Wxcxl91YsGzHY2MyOcjy7AKcZ1QfoQ9yupM7tBeIJoWun9IrrOphPmhzB_NMRcKy0cZW91b6s2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC90-Bz0byZfqnELDvxtYPpea-mA-cge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBKICT9AjflyOwy7W0rDvkxJAxr_lPVIrzikfPmqFnW2WbT3DgnBgWPElE4jewAx0_Ep4JNjanIhOcOBVFExcpqxJAxSuP1QcvIb5bAjmfovaGn2QEcoSBMHWdLfQjB7ILBoMio6F6Ts_Mdf-alB5sQHBMrorOmCtFLilVwAjJEkD2TiWrqBchq7nd_--t5U6AsqDfCw1HlK3PpiQ1Jjs8JpcvkvYtW5qRAJqOYb2h4GmD52OY4Y3D3Bt1SlWVGOdm75AJz2tFZigj5UqaPvh0ZfV60Y_AULu6_GDYLO9O735uLqGvdUWihFjX7NDfYe7rYyRAOCMEt0QDhg-zMAYV0nM6ehLpLnRTdaDK7JLbWKMM48a4tL_U-6CEviytE-U1R6S-7CABtyw2dGh0sfYWqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgCEi9_cE6WKCx4MfB8oQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1p6O5kw1VvVP72XJWXSKQIuJ93Sw%26client%3Dca-pub-0518266783580711%26adurl%3D
Frame ID: 5923B618567E1685B2CCBB01BF341A87
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-0518266783580711&output=html&h=60&adk=2499841291&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1710376656&rafmt=1&to=qs&pwprc=1459622480&format=1200x60&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376656104&bpp=1&bdt=2131&idt=-M&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d227dbbe549bb44%3AT%3D1710376655%3ART%3D1710376655%3AS%3DALNI_MbWKLqdNbFY4X0s85LKlsaKltBGZg&gpic=UID%3D00000dd24852da46%3AT%3D1710376655%3ART%3D1710376655%3AS%3DALNI_MbvRZzbw8VqCuk3-h8y3p2aKQrHpw&eo_id_str=ID%3D62dc43ded71d784b%3AT%3D1710376655%3ART%3D1710376655%3AS%3DAA-AfjaJ9cd0n9nmuzyL7khTAQVX&prev_fmts=0x0%2C1200x280&nras=3&correlator=4413029614952&frm=20&pv=1&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1067&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&psts=AOrYGsl34iSV_GeieByyRXyfYaWn2386vQ8lDJC2NlvGeRPNuuYw5FiYv2mkrvxxSl6FQNjHdw9o0jgyEEZ6Kos&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=181
Frame ID: E84AF6FB8A28AF7FDE322EFBE709D039
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html
Frame ID: 5F9DA4F1C28C06869982A04C8CAB803C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html
Frame ID: ED52F82972EB0248E3584D2FA2BCE665
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto
Frame ID: 1DC98E5B4CC529A944496D9338571BAB
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfJGzwAECCkBd4A4AAzTToxJsebN6TLlOiCQ6A&u=%7CU4pk0aDCdvurUeg9O5zT0kdfimnK4oKAidpLh7hcYH0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78xlqbSNeXpMmJA9kPPxi-QXsNLSO9_0ZkFNPbfBnbwNHeoXnIwPYftHbkxocnculgsD5AhGiLf9i4STKlkbGqmEuudnAKGWl0bMJ49wO8cap0yDawh2lVuE0QvFUG8eHctUSvCih6E3u3ROXv_SNsz2mtAzx9HHXiEE5QFScXiu9qYBZbV_fh0lViX_Naqo3VLzD5QLTGwd_sunSNZkc9-Ogl93H3_fENa9WQlhZptZIMhLMmZ3ck74IndwzP0uj1groGJn1NqvAoegggAmMnwu0LKk-zrgylpYm1_xXpRczJG6srwjyfesdN9Mo6gIabYjJLkwfHTmiqXV9LVGQzIhc-ag3QFLnVJNMeLn1qip28ZtnxNOV1GaJzBaf1OU1NZbamF95TyIGApMt47ccLWe4FSybvZuooXEe6MaZ-6iM-jzLZX9Ki8RdOD9lRSVjZ7T8_uk73LZq9wCv9N8AR1NdIin1o8zEShCGKF7FpiTYWZCg4WBV08NGpdiDDqIGl9R-4p4aN4lxm5H2hXqO-T-Cqq-ICb_o2WMEY3taKKiOvTM5ZJeSYDxu_2bk78uqfSqZsEPJoMKk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClBmZz0byZamQELiA3rsPzqazuAqcge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBKICT9AjOTda5ZVaPWkptVScGIDAj8Vc7x3wq91mNanoi_sBh3gWZS59iiNqz0B8-IH7akZznp8MlJr_FuKJaOeOWdfi1OwiJL0QQUewaQ9hkEcbMTloxx2-hIvgRoCJ99PFr1-tWZ8OPI5bqeN9PRjSsfcEZfwlWUiQtgcc0aatRApvVVh4MVER8x0h0WTdHsXAqL-DY3IZTomqG4u4CLHIqSv1b96It4p2DZU7beySuXtofoxpfFcyClngYySBBiuy3slpRYLxPFv_YvIJC9pF8sAQCtAWlYeQWbpgo8FaBTMGAmNt7pT7h5pCyP-S04x3jWiDju_lPY8wT7Ttr7Lc_mrPOI6OHcKFiN8nYcY0G1E35tht-gkZnpI7UqkD0uGH7iyABqzSmYXU0qneMqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WIGT4MfB8oQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1eB-DrJlZoR0B8QfVUYQ8VkqvK9g%26client%3Dca-pub-0518266783580711%26adurl%3D
Frame ID: D62C1E359058100301D6B81F90E03F12
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6001638BA92C94FE9D7A4431E3849F31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B33AEBA3FF84C6B24B9B18579444374
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found

Page URL History Show full URLs

http://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 HTTP 301
https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

106
Requests

98 %
HTTPS

86 %
IPv6

13
Domains

21
Subdomains

21
IPs

2
Countries

1771 kB
Transfer

3730 kB
Size

13
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.banklocationmaps.ca/en
Title: Bank Location Maps

Search URL Search Domain Scan URL

URL: https://www.banklocationmaps.ca/en/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.banklocationmaps.ca/en/copyright-notice
Title: Copyright Notice

Search URL Search Domain Scan URL

URL: https://www.banklocationmaps.ca/en/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.banklocationmaps.ca/en/terms-of-service
Title: Terms Of Service

Search URL Search Domain Scan URL

URL: https://twitter.com/BankLocationMap

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BankLocationMaps

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 HTTP 301
https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

Request Chain 30

https://metrics.getrockerbox.com/track/v4?source=basics-wallet&tier_one=criteo&tier_two=343905&tier_three=11239559&tier_four=1200x280&auction_id=65f246ce4d3adb25c34a80f2874e54a3 HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dbasics-wallet%26tier_one%3Dcriteo%26tier_two%3D343905%26tier_three%3D11239559%26tier_four%3D1200x280%26auction_id%3D65f246ce4d3adb25c34a80f2874e54a3%26uid_ts%3D1710376656 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmetrics.getrockerbox.com%252Ftrack%252Fv4%253Fuid%253D%2524UID%2526source%253Dbasics-wallet%2526tier_one%253Dcriteo%2526tier_two%253D343905%2526tier_three%253D11239559%2526tier_four%253D1200x280%2526auction_id%253D65f246ce4d3adb25c34a80f2874e54a3%2526uid_ts%253D1710376656 HTTP 302
https://metrics.getrockerbox.com/track/v4?uid=2359607504706700967&source=basics-wallet&tier_one=criteo&tier_two=343905&tier_three=11239559&tier_four=1200x280&auction_id=65f246ce4d3adb25c34a80f2874e54a3&uid_ts=1710376656

106 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request 0.3619702446963833 Show response
tdbank.banklocationmaps.ca/en/branch/
Redirect Chain

http://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

10 KB
4 KB

963ms
382ms

Document
text/html

2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340ef860c261eac3877eb68f69737e1982dbfc4c94f56ba8f1e7d20ebe374d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 864032253c457d0b-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Mar 2024 00:37:33 GMT
fly-region: iad
fly-request-id: 01HRX69504H71346TVB7W8RFVE-dfw
link: </assets/application-88a37026debb5f421773b39cf3b33f6885be4c444179282f6f98291ce5f5bc51.css>; rel=preload; as=style; nopush,</assets/application-c09f9179225e80274a71fa58bc3d0a9ca7eba604abfb706cdbbb00a974ee52ad.js>; rel=preload; as=script; nopush
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FE9Nn%2BQmLQk%2BIL2lHfw8iK3XVkQoxbcQ5bJTYZ7tFIayiWONbALr0jILdMRMUSGYbyD9uy%2FbgZ0Z%2FYLjwxfHbAoiIc7HCMQV8Wo7HFSdFsV7JHj071xHxJJ4wzdLyU5gvVieUj3pQcNDMHWzFeDsDRZr1QeXHgG6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 fly.io
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 9d123033-7095-4ee7-a942-0d3a325c8ebe
x-runtime: 0.020994
x-xss-protection: 0

Redirect headers

CF-RAY: 86403220d8191778-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 14 Mar 2024 00:37:32 GMT
Expires: Thu, 14 Mar 2024 01:37:32 GMT
Location: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaMX4AZco5au0vt6fVJNWOl%2FIGUxKZm8ESXt060aTukZaqP5gSZo1EtWBdA0XQiSyuFwpEkYGvRRyZ35U%2BC6w6pwCO3pQjK0zJqESNXrzbCsnAAf1qOJEyPzTkw9ZtcZPW62r2IrLX%2BYJkUmfy%2FzAglK%2FFyHMqNH"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 application-88a37026debb5f421773b39cf3b33f6885be4c444179282f6f98291ce5f5bc51.css
tdbank.banklocationmaps.ca/assets/ 136 KB
24 KB 103ms
102ms Stylesheet
text/css 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdbank.banklocationmaps.ca/assets/application-88a37026debb5f421773b39cf3b33f6885be4c444179282f6f98291ce5f5bc51.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf8f953ce6cb8a794bb7a59a326b73dad93a341e1a74fd03a921c85a44b10f1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
via: 1.1 fly.io
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23762
cf-polished: origSize=141456
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
fly-request-id: 01HR6WS2P5WYW1VAYM5ZKWGEKG-dfw
server: cloudflare
last-modified: Sun, 25 Feb 2024 02:12:20 GMT
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb2NjjIfmOb%2B3GQOIAWWxoiHkow4VZv4CbYr8J0KsX2N%2FnskHz8i0pNn%2BkGPJXhceHDoQJCO3MHgfW5ahr6e%2BuHuoUcsdC%2BXIP0H28PKY%2FM4MnS7rLU9YDgg2Q8JwK%2BsxbCQjzBaY1a2gPXyQJ2RC1SYrAyD3ALx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-ray: 86403227afa37d0b-EWR
expires: Wed, 05 Mar 2025 08:30:50 GMT

GET
H2 200 application-c09f9179225e80274a71fa58bc3d0a9ca7eba604abfb706cdbbb00a974ee52ad.js Show response
tdbank.banklocationmaps.ca/assets/ 105 KB
37 KB 106ms
105ms Script
application/javascript 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdbank.banklocationmaps.ca/assets/application-c09f9179225e80274a71fa58bc3d0a9ca7eba604abfb706cdbbb00a974ee52ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ecc573b27ab4d078257403dd3270d2a8fc6e5c4e248087d03e033043c6bd15d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
via: 1.1 fly.io
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32638
cf-polished: origSize=107263
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
fly-request-id: 01HR6V1R84XZ9YVZQBZFDHCG1X-dfw
server: cloudflare
last-modified: Sun, 25 Feb 2024 02:12:20 GMT
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn2Pvk7Kw2569apufwMrw%2Fy%2BTIAYfRVIcOvnu1HORGc19gLZl3tNe8gGdd1iwZHpNVfmSrdYGN%2BUV1eykI2%2FmluXoSbIyyS29MoT87EfKQpYBGYW6nrtZemwUYB5n2VULq6Mlss64XicJNdNbv4sl%2Blw7tM0poji"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, immutable
cf-ray: 86403227afa77d0b-EWR
expires: Wed, 05 Mar 2025 08:12:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 289ms
145ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0518266783580711

Requested by

Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a19fa748698c4d7f5fb2c5909be32eefdad86ab21c44e8dfc33ddbd352430fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Origin: https://tdbank.banklocationmaps.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51038
x-xss-protection: 0
server: cafe
etag: 13173869755409648465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 14 Mar 2024 00:37:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
88 KB 293ms
126ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H6HE8K8FPW

Requested by

Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07c09a241dda6e6032cb2df8b495b34f6a7b62f847a3df04325397308c3e05fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Mar 2024 00:37:34 GMT

GET
H3 200 logo-46c6e94d2838cb7a6f8e8081af3cf38665429230e3a1918a8fe19f77f2f0c186.webp
tdbank.banklocationmaps.ca/assets/ 2 KB
2 KB 139ms
138ms Image
image/webp 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdbank.banklocationmaps.ca/assets/logo-46c6e94d2838cb7a6f8e8081af3cf38665429230e3a1918a8fe19f77f2f0c186.webp
Requested by: Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9260386bd75efb7e5895d5d7c723ed642a4ef66484f4b5812871fc4fb61c7ae4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
via: 1.1 fly.io
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27909
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 25 Feb 2024 02:12:20 GMT
fly-request-id: 01HR6WS3ETVE6BB8S2SEX2347Y-dfw
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJOGPx9Zu3N5EQ699g5oSdFYki4kSM8RbJT0i7p5V7cfkLT6iE4Ur5LmFQk71dCIMG%2BBxOJrsnej1LPsFzqpHO5DOwSyubH%2FI7UZBO61g2gONMiAdRLsPKFr8I%2FpAAAxmQY1al8ifjaRwQVQRi5XOtMx78IdCdRc"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cache-control: public, max-age=2592000, immutable
cf-ray: 86403229fdc64297-EWR
expires: Tue, 25 Feb 2025 03:43:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 235ms
91ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500,700&display=swap

Requested by

Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/assets/application-88a37026debb5f421773b39cf3b33f6885be4c444179282f6f98291ce5f5bc51.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

754cd8295e7ca9abac9b59954b4eb8c0b2f4ffcf1df0adfb8a68e14fe6ed0dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 00:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 00:07:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 00:37:34 GMT

GET
H3 200 logo-46c6e94d2838cb7a6f8e8081af3cf38665429230e3a1918a8fe19f77f2f0c186.webp
tdbank.banklocationmaps.ca/assets/ 2 KB
2 KB 393ms
392ms Image
image/webp 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdbank.banklocationmaps.ca/assets/logo-46c6e94d2838cb7a6f8e8081af3cf38665429230e3a1918a8fe19f77f2f0c186.webp
Requested by: Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9260386bd75efb7e5895d5d7c723ed642a4ef66484f4b5812871fc4fb61c7ae4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
via: 1.1 fly.io
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27909
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 25 Feb 2024 02:12:20 GMT
fly-request-id: 01HR6WS3ETVE6BB8S2SEX2347Y-dfw
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6rscDi2fkm9eL95zo5CSfcPXwZ1K5PIAE6Lc6q4txyzzQ%2Bhs9bvS%2BCDCHJ%2BzJWA4snJp8mLvWBv5dIe8aYZoNWCnPVOcGKT6NXV7ENZvqCyh72U6dXAfDSXAHoWKnU69LRiok9IX0lXTT%2F1KgfKhmWf3NPv0ytG"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cache-control: public, max-age=2592000, immutable
cf-ray: 86403229fdc84297-EWR
expires: Tue, 25 Feb 2025 03:43:28 GMT

GET
H3 200 application-banner-lg-86c8a71ab36c5fff2cd387372641b85fbe54e87e18871eecbd0c44af661377a2.jpg
tdbank.banklocationmaps.ca/assets/ 31 KB
31 KB 140ms
140ms Image
image/jpeg 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdbank.banklocationmaps.ca/assets/application-banner-lg-86c8a71ab36c5fff2cd387372641b85fbe54e87e18871eecbd0c44af661377a2.jpg
Requested by: Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/assets/application-88a37026debb5f421773b39cf3b33f6885be4c444179282f6f98291ce5f5bc51.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83aee87a0d017ccbef691515af8b09f6992dc83e82ef0b2bcbfdf70a02afc347

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/assets/application-88a37026debb5f421773b39cf3b33f6885be4c444179282f6f98291ce5f5bc51.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
via: 1.1 fly.io
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32509
cf-polished: degrade=85, origSize=50033
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:85,h2pri
fly-request-id: 01HRE88GDEEZ437CAGN4M7H26Q-dfw
server: cloudflare
last-modified: Sun, 25 Feb 2024 02:12:20 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCjeVRDACbYVi1azlsgBgXftm%2BuYMSE7mbh14nJCdLbd7bRHCfpnrZM9X5CpAtuPMTHCMFTfwZxiBLdWTnCVrPn4omO5BTvAXSrJGsY02QiR9FHNXc%2FQB9Lhw9AmnqCFgdeJvq3F66y%2Fab2WtIdZxkyvx%2BeY9%2B8T"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, immutable
cf-ray: 86403229fde74297-EWR
expires: Sat, 08 Mar 2025 05:19:33 GMT

GET
H2 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 35 KB
35 KB 263ms
86ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tdbank.banklocationmaps.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:53:40 GMT
x-content-type-options: nosniff
age: 13434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35448
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 16:14:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 20:53:40 GMT

GET
H3 200 application-icons-60f206fde945d87bc301aabb67e9c539c6318b5d3151e788dfe71b944139b01c.woff2
tdbank.banklocationmaps.ca/assets/ 35 KB
35 KB 391ms
391ms Font
application/font-woff2 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdbank.banklocationmaps.ca/assets/application-icons-60f206fde945d87bc301aabb67e9c539c6318b5d3151e788dfe71b944139b01c.woff2
Requested by: Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/assets/application-88a37026debb5f421773b39cf3b33f6885be4c444179282f6f98291ce5f5bc51.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29a60e249819b8675c9d0cf865d060af4cff817564c9eae9fc7e3c81b60dbfe3

Request headers

Referer: https://tdbank.banklocationmaps.ca/assets/application-88a37026debb5f421773b39cf3b33f6885be4c444179282f6f98291ce5f5bc51.css
Origin: https://tdbank.banklocationmaps.ca
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
via: 1.1 fly.io
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:12:20 GMT
fly-request-id: 01HR6WS2P64F92V56JRC6REYWV-dfw
server: cloudflare
age: 18916
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3k6zvZMSrIP4Xzha%2FYLdrvT%2Fs2YXOQfsBOuCDuGa6NXYVfLzbc8T7pgAkNIyndy8YKuwIcVxuY5khTiNZcWzTaIEUxSsGnm8qlkuBo0Jc3JewY2HFxB7NTQc2duHoglqkISfanX4KuX966uI6IELpEjVEsjLOUl"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=2592000, immutable
cf-ray: 8640322a0e014297-EWR
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Feb 2025 03:43:28 GMT

GET
H3

200

main.js Show response
tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 9A4B
Redirect Chain

https://tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

8 KB
4 KB

112ms
112ms

Script
application/javascript

2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js

Requested by

Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

Protocol

Server

2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e86ae6dfc4d070a2150b62f73be4bfd9ed2fe69870500729c99db9a5e68b190d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bd1GbuIBi%2Bu2RUzArwZiyTIRwFU7pzD1RKvkmYHxl%2BgRFIx%2FmK4m1q%2BJCB%2FYpLMsfCI3fsjVZcROlWnjKQhz1XVuDtfEI6WPchD1zMoXIC%2FPYuBtnj52W53DGOaqg5%2BGreKF0YnnOw4rytMNcrZ8gXycK5D4l0Z7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8640322d9a7e4297-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 14 Mar 2024 00:37:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWEv7hUJKg84y268kWUdOh9Iv9t024Usspr67skuTIzzrxhqS3FiMjCWfKrkx5LdlxEkIkoof0GMOT8csB1T3WnJrUGuUTqu3Y3budJ%2F8KVW8szeGcSywhkSmXMTnS3a1pYX15lIdv7lqfq1DPdLnlwl2KnSQWmW"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8640322a3e534297-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 405 KB
138 KB 323ms
158ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0518266783580711

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df5c362f10490acc9af44b0ce14030c2cadc4a6f43969b1ced175000e742e84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140957
x-xss-protection: 0
server: cafe
etag: 1249423965622443797
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 00:37:34 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240311/r20190131/ Frame 961E 9 KB
4 KB 238ms
68ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240311/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0518266783580711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 13321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 20:55:33 GMT
etag: 5035419970550746386
expires: Wed, 27 Mar 2024 20:55:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
261 B 230ms
93ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H6HE8K8FPW&gtm=45je43b0v895244990za200&_p=1710376654335&gcd=13l3l3l3l1&npa=0&dma=0&cid=911329593.1710376655&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710376654&sct=1&seg=0&dl=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&dt=Page%20not%20found&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2097
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6HE8K8FPW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tdbank.banklocationmaps.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 864032253c457d0b Show response
tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9A4B 0
612 B 300ms
296ms XHR
text/plain 2606:4700:20::ac43:4746
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/h/g/jsd/r/864032253c457d0b
Requested by: Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4746 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Mar 2024 00:37:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LgLdQ5NG1UosttlsCl1PxcW7sTr6FdVCKINZhnlKPB8ppdL2UCSq6A0qq8O3tORSRANyP%2F8rHPRJQ7FXNL3onDfWoi8TlVjVJ2xKvG9SpRvvHyZzFSl7VVYsTVfmXWHRrxenicKtMJS7ApeW%2F%2B5FFGz4B1F84nDV"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8640322f1c114297-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EE48 108 KB
24 KB 703ms
702ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&adk=1812271804&adf=3025194257&lmt=1710376655&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_l%7C164x675_r&format=0x0&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376654520&bpp=11&bdt=547&idt=635&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4413029614952&frm=20&pv=2&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=652

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc65e18483f5ea3b9afa3f7c83e818bdbd81c55287c90a149cd3b82997e6a0aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24848
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 00:37:35 GMT
expires: Thu, 14 Mar 2024 00:37:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A08 36 KB
15 KB 307ms
307ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=280&adk=1213588912&adf=1994834710&pi=t.aa~a.2280143961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710376655&rafmt=1&to=qs&pwprc=1459622480&format=1200x280&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376654532&bpp=1&bdt=558&idt=644&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4413029614952&frm=20&pv=1&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=647

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e4104bcdb7854ff5a09ef9d37fb49632acd44a0dcde2a11ec4304da1d0b0d65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14664
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 00:37:35 GMT
expires: Thu, 14 Mar 2024 00:37:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 5923 128 KB
45 KB 382ms
153ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZfJGzwAEE_oE0bewAA-zJXO9Hyte1oC994BmRA&u=%7CU4pk0aDCdvsuAmZ8Gg9UNVxQnhPiLkur4pDQt9mJK7Y%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AwgV9_tmkG55DBWSh3N1mTNlLjGTiM8M90GWTd2XdULog6V9dxo2IaTzBA79fAUUkG_qOVNNtGPOat8btAJ6SwK1oaoGElQYazRgu3XeuQu-lqYZyfD7aukIF58XAQ1QsXD1e_HA3rSAHgj2mqarHRsq8gSPlxZe1SrwZsPZQ9OAEHCAFjwik3W-uUfAKFjhS_6YQ4QpWepHjfyJ09ZDi2BF_Tls5jXEpH0Duzwn3j8_-VlPfBpkKXcGEawFSLoSJoTW7yOh8zSkn6Y7ys0hjbu52jsGT4trGfd87hcnMYFoFCzKAuNagJNcIiug5DZkvy_reo_hdxdixM-pPcniZd2JvJYP1JiwN-dqk8_QpKaLLJzO31iEFVcTiXL62bdQ0e2Cbtti77NyzeuXKEIxtEavYbxcV_wQPItgzgqnFTaTXfGVr8c1lTqBesjlmTGgnbmcy9A7XJo8UbbSe1vYrd-qnfsI6_zA3AnlgCjg_wixzODm3Q2Dr6Wxcxl91YsGzHY2MyOcjy7AKcZ1QfoQ9yupM7tBeIJoWun9IrrOphPmhzB_NMRcKy0cZW91b6s2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC90-Bz0byZfqnELDvxtYPpea-mA-cge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBKICT9AjflyOwy7W0rDvkxJAxr_lPVIrzikfPmqFnW2WbT3DgnBgWPElE4jewAx0_Ep4JNjanIhOcOBVFExcpqxJAxSuP1QcvIb5bAjmfovaGn2QEcoSBMHWdLfQjB7ILBoMio6F6Ts_Mdf-alB5sQHBMrorOmCtFLilVwAjJEkD2TiWrqBchq7nd_--t5U6AsqDfCw1HlK3PpiQ1Jjs8JpcvkvYtW5qRAJqOYb2h4GmD52OY4Y3D3Bt1SlWVGOdm75AJz2tFZigj5UqaPvh0ZfV60Y_AULu6_GDYLO9O735uLqGvdUWihFjX7NDfYe7rYyRAOCMEt0QDhg-zMAYV0nM6ehLpLnRTdaDK7JLbWKMM48a4tL_U-6CEviytE-U1R6S-7CABtyw2dGh0sfYWqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgCEi9_cE6WKCx4MfB8oQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1p6O5kw1VvVP72XJWXSKQIuJ93Sw%26client%3Dca-pub-0518266783580711%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=280&adk=1213588912&adf=1994834710&pi=t.aa~a.2280143961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710376655&rafmt=1&to=qs&pwprc=1459622480&format=1200x280&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376654532&bpp=1&bdt=558&idt=644&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4413029614952&frm=20&pv=1&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=647

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

11af530537e23dff21d8989d86f34f5b5028d0c3af5593af84f82fdf67d26f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 00:37:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=BSiIMCYUJRE_tY5alCkgSo4SjolCm6c3HcFd93hqfXu3U0EoohOnEPv4P0wq3d4x2d_sfj87HDUC8MWuI9rfzW5GB-pUz67itYDuH5i4jAfOJj2fZOiXFoLkms3pqp_jeSKZMsI69WcNpcxxiHkspkzn-I8pE9_u-s1pXZuTB3VMtWF22yzu070mqfXTuNMkd_Rc9HHDwmWEc--9DmSOuBpUtA--qbWLLmiwA1mw_D_UHBlJ47XEt58GMyyaPCZuvt-SJQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 45740318
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 2A08 3 KB
1 KB 228ms
67ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 20:52:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 2A08 20 KB
8 KB 217ms
56ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 20:47:45 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2A08 208 KB
63 KB 57ms
57ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:21:06 GMT

GET
DATA 200
OK truncated
/ Frame 2A08 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 515d5aa324d649e106651802a86f51eed88830e698a53f0573678f26ad21523b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 66ms
65ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H6HE8K8FPW&gtm=45je43b0v895244990za200&_p=1710376654335&gcd=13l3l3l3l1&npa=0&dma=0&cid=911329593.1710376655&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1710376654&sct=1&seg=0&dl=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&dt=Page%20not%20found&en=scroll&epn.percent_scrolled=90&_et=11&tfd=3078
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6HE8K8FPW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tdbank.banklocationmaps.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A08 0
23 B 123ms
122ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Css9xz0byZfqnELDvxtYPpea-mA-cge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBJ8CT9AjflyOwy7W0rDvkxJAxr_lPVIrzikfPmqFnW2WbT3DgnBgWPElE4jewAx0_Ep4JNjanIhOcOBVFExcpqxJAxSuP1QcvIb5bAjmfovaGn2QEcoSBMHWdLfQjB7ILBoMio6F6Ts_Mdf-alB5sQHBMrorOmCtFLilVwAjJEkD2TiWrqBchq7nd_--t5U6AsqDfCw1HlK3PpiQ1Jjs8JpcvkvYtW5qRAJqOYb2h4GmD52OY4Y3D3Bt1SlWVGOdm75AJz2tFZigj5UqaPvh0ZfV60Y_AULu6_GDYLO9O735uLqGvdUWihFjX7NDfYe7rYyRAOCMEt0QDhg-zIIad9sKVAMxLVLumVq6zBb6YkqFHZfeeSGF2ic8DNSqNYsA7PmABtyw2dGh0sfYWqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgCEi9_cE6WKCx4MfB8oQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTA1MTgyNjY3ODM1ODA3MTEYAA&sigh=uDc_yECEABA&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqqUZkr6UG84Ec68rAKXOzcP11uUH-9DR35LKLSkDwvrIYUdI3Sn1ywgGOGdd-GPvVhX9iTbyzuMoMPWPcVd1yZaiI1Lw_cKn8rRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=280&adk=1213588912&adf=1994834710&pi=t.aa~a.2280143961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710376655&rafmt=1&to=qs&pwprc=1459622480&format=1200x280&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376654532&bpp=1&bdt=558&idt=644&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4413029614952&frm=20&pv=1&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=647
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Mar 2024 00:37:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Mar 2024 00:37:35 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 2A08 0
126 B 190ms
63ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=mOH-FNv5RLAJmALiIp0XAgAAAGHp8SPCbIr6EM5G8mUVxMdgUbeU6vEYAAASAAAKCkFRVURDZ0VCQ2eBBChAX9XLeb3T1NENcaWL&wp=ZfJGzwAEE_oE0bewAA-zJXO9Hyte1oC994BmRA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 202624
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5923 2 KB
1 KB 199ms
65ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfJGzwAEE_oE0bewAA-zJXO9Hyte1oC994BmRA&u=%7CU4pk0aDCdvsuAmZ8Gg9UNVxQnhPiLkur4pDQt9mJK7Y%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AwgV9_tmkG55DBWSh3N1mTNlLjGTiM8M90GWTd2XdULog6V9dxo2IaTzBA79fAUUkG_qOVNNtGPOat8btAJ6SwK1oaoGElQYazRgu3XeuQu-lqYZyfD7aukIF58XAQ1QsXD1e_HA3rSAHgj2mqarHRsq8gSPlxZe1SrwZsPZQ9OAEHCAFjwik3W-uUfAKFjhS_6YQ4QpWepHjfyJ09ZDi2BF_Tls5jXEpH0Duzwn3j8_-VlPfBpkKXcGEawFSLoSJoTW7yOh8zSkn6Y7ys0hjbu52jsGT4trGfd87hcnMYFoFCzKAuNagJNcIiug5DZkvy_reo_hdxdixM-pPcniZd2JvJYP1JiwN-dqk8_QpKaLLJzO31iEFVcTiXL62bdQ0e2Cbtti77NyzeuXKEIxtEavYbxcV_wQPItgzgqnFTaTXfGVr8c1lTqBesjlmTGgnbmcy9A7XJo8UbbSe1vYrd-qnfsI6_zA3AnlgCjg_wixzODm3Q2Dr6Wxcxl91YsGzHY2MyOcjy7AKcZ1QfoQ9yupM7tBeIJoWun9IrrOphPmhzB_NMRcKy0cZW91b6s2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC90-Bz0byZfqnELDvxtYPpea-mA-cge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBKICT9AjflyOwy7W0rDvkxJAxr_lPVIrzikfPmqFnW2WbT3DgnBgWPElE4jewAx0_Ep4JNjanIhOcOBVFExcpqxJAxSuP1QcvIb5bAjmfovaGn2QEcoSBMHWdLfQjB7ILBoMio6F6Ts_Mdf-alB5sQHBMrorOmCtFLilVwAjJEkD2TiWrqBchq7nd_--t5U6AsqDfCw1HlK3PpiQ1Jjs8JpcvkvYtW5qRAJqOYb2h4GmD52OY4Y3D3Bt1SlWVGOdm75AJz2tFZigj5UqaPvh0ZfV60Y_AULu6_GDYLO9O735uLqGvdUWihFjX7NDfYe7rYyRAOCMEt0QDhg-zMAYV0nM6ehLpLnRTdaDK7JLbWKMM48a4tL_U-6CEviytE-U1R6S-7CABtyw2dGh0sfYWqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgCEi9_cE6WKCx4MfB8oQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1p6O5kw1VvVP72XJWXSKQIuJ93Sw%26client%3Dca-pub-0518266783580711%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5923 2 KB
1 KB 254ms
121ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5923 308 B
637 B 192ms
63ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5923 293 B
621 B 193ms
65ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 5923 43 B
348 B 195ms
64ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=8imNmy_JIflewm9prx7kiyq4IyT5lSNbgUJKFqOGfuEQ8rtPfroTiLTFWRz5C9SYS6GplG_wBxjI8RnzX8yH41gVfMhZ8ocdstTf-JpNiJqL0wjOyb7C0SS-cio8evW3VUDQ0auBkZbCO8WV2El-QUyzONCp0UEK-3IUppNVOSC6CEgu3qSCS_kfUTC7ZlbXmyxoowlc5pu6S3Zh-i0uZofd1ArCZoyuQZcDj8hY0LGLDuq0REG8cTSxQjp-44trTYJnHwNC4EBEksglvVFFVuKTOMB1ebbw-h-E6Tpbk_jXYZSEx85puyq6n-wCYZU26mhUMH74_PI-wjPu6-cyievDKcaDhxDfBjP8i5gG6TCupm34RN4R3AVO3Tu1BayFDGdyzU7Nb_PJIXrNKFowFpc6BSXcLmZRs1aCOSu6ICsoSN1aOluSZKTfiNlCQudiogTTyA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1661150
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

v4
metrics.getrockerbox.com/track/ Frame 5923
Redirect Chain

https://metrics.getrockerbox.com/track/v4?source=basics-wallet&tier_one=criteo&tier_two=343905&tier_three=11239559&tier_four=1200x280&auction_id=65f246ce4d3adb25c34a80f2874e54a3
https://secure.adnxs.com/getuid?https%3A%2F%2Fmetrics.getrockerbox.com%2Ftrack%2Fv4%3Fuid%3D%24UID%26source%3Dbasics-wallet%26tier_one%3Dcriteo%26tier_two%3D343905%26tier_three%3D11239559%26tier_fo...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmetrics.getrockerbox.com%252Ftrack%252Fv4%253Fuid%253D%2524UID%2526source%253Dbasics-wallet%2526tier_one%253Dcriteo%2526tier_two%253D...
https://metrics.getrockerbox.com/track/v4?uid=2359607504706700967&source=basics-wallet&tier_one=criteo&tier_two=343905&tier_three=11239559&tier_four=1200x280&auction_id=65f246ce4d3adb25c34a80f2874e...

44 B
396 B

97ms
97ms

Image
image/gif

104.26.9.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metrics.getrockerbox.com/track/v4?uid=2359607504706700967&source=basics-wallet&tier_one=criteo&tier_two=343905&tier_three=11239559&tier_four=1200x280&auction_id=65f246ce4d3adb25c34a80f2874e54a3&uid_ts=1710376656
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfJGzwAEE_oE0bewAA-zJXO9Hyte1oC994BmRA&u=%7CU4pk0aDCdvsuAmZ8Gg9UNVxQnhPiLkur4pDQt9mJK7Y%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92AwgV9_tmkG55DBWSh3N1mTNlLjGTiM8M90GWTd2XdULog6V9dxo2IaTzBA79fAUUkG_qOVNNtGPOat8btAJ6SwK1oaoGElQYazRgu3XeuQu-lqYZyfD7aukIF58XAQ1QsXD1e_HA3rSAHgj2mqarHRsq8gSPlxZe1SrwZsPZQ9OAEHCAFjwik3W-uUfAKFjhS_6YQ4QpWepHjfyJ09ZDi2BF_Tls5jXEpH0Duzwn3j8_-VlPfBpkKXcGEawFSLoSJoTW7yOh8zSkn6Y7ys0hjbu52jsGT4trGfd87hcnMYFoFCzKAuNagJNcIiug5DZkvy_reo_hdxdixM-pPcniZd2JvJYP1JiwN-dqk8_QpKaLLJzO31iEFVcTiXL62bdQ0e2Cbtti77NyzeuXKEIxtEavYbxcV_wQPItgzgqnFTaTXfGVr8c1lTqBesjlmTGgnbmcy9A7XJo8UbbSe1vYrd-qnfsI6_zA3AnlgCjg_wixzODm3Q2Dr6Wxcxl91YsGzHY2MyOcjy7AKcZ1QfoQ9yupM7tBeIJoWun9IrrOphPmhzB_NMRcKy0cZW91b6s2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC90-Bz0byZfqnELDvxtYPpea-mA-cge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBKICT9AjflyOwy7W0rDvkxJAxr_lPVIrzikfPmqFnW2WbT3DgnBgWPElE4jewAx0_Ep4JNjanIhOcOBVFExcpqxJAxSuP1QcvIb5bAjmfovaGn2QEcoSBMHWdLfQjB7ILBoMio6F6Ts_Mdf-alB5sQHBMrorOmCtFLilVwAjJEkD2TiWrqBchq7nd_--t5U6AsqDfCw1HlK3PpiQ1Jjs8JpcvkvYtW5qRAJqOYb2h4GmD52OY4Y3D3Bt1SlWVGOdm75AJz2tFZigj5UqaPvh0ZfV60Y_AULu6_GDYLO9O735uLqGvdUWihFjX7NDfYe7rYyRAOCMEt0QDhg-zMAYV0nM6ehLpLnRTdaDK7JLbWKMM48a4tL_U-6CEviytE-U1R6S-7CABtyw2dGh0sfYWqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgCEi9_cE6WKCx4MfB8oQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1p6O5kw1VvVP72XJWXSKQIuJ93Sw%26client%3Dca-pub-0518266783580711%26adurl%3D
Protocol: H2
Server: 104.26.9.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 864032375c9fa235-YYZ
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB50RWhA23M3UxjtMpbrOJiYwqH0Ag2aGgy6e0suFLAabB3tOyQWKzI%2FkijmaDphSeo2gwXmGCvcGhtFkA4%2BTa8KxXnR5P9qP6U4S%2BNg5WNpLlQV2DYV3oK2PsjfBa0OyDKFoJtqoO3xiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:36 GMT
an-x-request-uuid: 9d9f1aff-b67a-4c00-8633-810c1740ad8f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://metrics.getrockerbox.com/track/v4?uid=2359607504706700967&source=basics-wallet&tier_one=criteo&tier_two=343905&tier_three=11239559&tier_four=1200x280&auction_id=65f246ce4d3adb25c34a80f2874e54a3&uid_ts=1710376656
x-proxy-origin: 96.9.249.34; 96.9.249.34; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 166 KB
56 KB 139ms
139ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

940edc930bb085affde069f3fb69a79bb748c22129a5776a2aa7b803ce04b05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57243
x-xss-protection: 0
server: cafe
etag: 4688525668866049048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 00:37:36 GMT

GET
H2 200 ca-pub-0518266783580711 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 223ms
92ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-0518266783580711?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b5d9bcaf52a0f987d7b5c0e37524ea97e86c3a5c7a151d641b88dd722b75554

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-iCmmaS0kPz4oc4hgO3BEXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-iCmmaS0kPz4oc4hgO3BEXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytHikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgBx681zrFOB-OSC86wXgViIm-NC78n1bAI77q-wAwBY7zI7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 118ms
117ms Image
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=42532561&hl=en&pvc=1175264901329858

Requested by

Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5923 12 KB
6 KB 95ms
75ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5923 1 KB
1 KB 262ms
136ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=100366&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100366%2F5312973%2Ff1788fd9895a4517aee24f6ed6f0592e_logo_n_horizontal.jpg&v=3&w=196&rid=4&s=J2s7zThHbtwhu73eMb-hPdka

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

7fbac573056d3888f56d346e78203f6fe81d95f118c0f5449798e1314e7d995c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 1026
expires: Tue, 18 Feb 2025 00:53:31 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5923 24 KB
24 KB 249ms
123ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=1200&m=0&partner=100366&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F100366%2F5312973%2F7859080a997148cc991e109ac23bc7ef_2024_02_nomatic_outset-joggers_nomatic_outset_joggers_casallday-2_1920x1080.jpg&v=3&w=1200&rid=4&s=Fre2dHEobeS29RxMwx0HZN25

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

29af021781dffe2be8f33b5d2b0c7cb900f63f250ee8d3d67add1e6dafd084f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24078
expires: Tue, 18 Feb 2025 00:55:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5923 29 KB
29 KB 288ms
163ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=100366&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0745%2F1299%2Fproducts%2FNomatic_Navigator_VacuumPack_Small_2_20200225.jpg%3Fv%3D1628011064&v=3&w=800&rid=4&s=8XkIs4zgRtg6jjmWCzl4RHBX&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9e8dde790eb52f551cc348fa6f63df469c691025e0ebc91e42cf6f6b52930a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 29830
expires: Tue, 18 Feb 2025 00:49:09 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 5923 0
128 B 266ms
79ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=BSiIMCYUJRE_tY5alCkgSo4SjolCm6c3HcFd93hqfXu3U0EoohOnEPv4P0wq3d4x2d_sfj87HDUC8MWuI9rfzW5GB-pUz67itYDuH5i4jAfOJj2fZOiXFoLkms3pqp_jeSKZMsI69WcNpcxxiHkspkzn-I8pE9_u-s1pXZuTB3VMtWF22yzu070mqfXTuNMkd_Rc9HHDwmWEc--9DmSOuBpUtA--qbWLLmiwA1mw_D_UHBlJ47XEt58GMyyaPCZuvt-SJQ&sds=2&rev=91140&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5923 2 KB
1 KB 126ms
120ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5923 2 KB
1 KB 70ms
67ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 118ms
117ms Fetch
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tdbank.banklocationmaps.ca/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E84A 436 B
233 B 423ms
423ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-0518266783580711&output=html&h=60&adk=2499841291&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1710376656&rafmt=1&to=qs&pwprc=1459622480&format=1200x60&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376656104&bpp=1&bdt=2131&idt=-M&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d227dbbe549bb44%3AT%3D1710376655%3ART%3D1710376655%3AS%3DALNI_MbWKLqdNbFY4X0s85LKlsaKltBGZg&gpic=UID%3D00000dd24852da46%3AT%3D1710376655%3ART%3D1710376655%3AS%3DALNI_MbvRZzbw8VqCuk3-h8y3p2aKQrHpw&eo_id_str=ID%3D62dc43ded71d784b%3AT%3D1710376655%3ART%3D1710376655%3AS%3DAA-AfjaJ9cd0n9nmuzyL7khTAQVX&prev_fmts=0x0%2C1200x280&nras=3&correlator=4413029614952&frm=20&pv=1&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1067&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&psts=AOrYGsl34iSV_GeieByyRXyfYaWn2386vQ8lDJC2NlvGeRPNuuYw5FiYv2mkrvxxSl6FQNjHdw9o0jgyEEZ6Kos&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec124f6e0852fedc520976996ff74e327dee6598dfbfbb08aaf55d9e5dae483d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 00:37:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/ Frame 5F9D 9 KB
4 KB 50ms
50ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 13560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 20:51:36 GMT
etag: 5035419970550746386
expires: Wed, 27 Mar 2024 20:51:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/ Frame ED52 9 KB
4 KB 51ms
50ms Document
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 13560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 20:51:36 GMT
etag: 5035419970550746386
expires: Wed, 27 Mar 2024 20:51:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUlgSWprH6eT_BD7f3meYH6XRBZrCjFlsDNigmQ0RAh7T99NoLr_jrFOq6gZiqqLP5ry1RPM41bIBiktnPslH4RnYThhlwZ-IMASsIFn_Wuk2Zqv80fsEfwnF_b5-cJvKmfufJIMA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 92ms
92ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUlgSWprH6eT_BD7f3meYH6XRBZrCjFlsDNigmQ0RAh7T99NoLr_jrFOq6gZiqqLP5ry1RPM41bIBiktnPslH4RnYThhlwZ-IMASsIFn_Wuk2Zqv80fsEfwnF_b5-cJvKmfufJIMA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMzc2NjU2LDMyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90ZGJhbmsuYmFua2xvY2F0aW9ubWFwcy5jYS9lbi9icmFuY2gvMC4zNjE5NzAyNDQ2OTYzODMzIixudWxsLFtbOCwiVjlnRXNobnZWYUUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.V9gEshnvVaE.es5.O/am=wA/d=1/rs=AJlcJMzg3ABRpFV2ng0VNxzW7prIZ1tyEQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc28abcfb92d352afc3d14c751e5f7a86f18f208794c133e1b2c5b56ae5a642e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gGhQ1f4rSe9b_bsJ9cvYbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-gGhQ1f4rSe9b_bsJ9cvYbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgBx681zrFOB-OSC86wXgViIh-NC78n1bAILOmbvYQQAjIcyRA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1DC9 2 KB
689 B 77ms
73ms Stylesheet
text/css 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 00:01:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 00:37:36 GMT

GET
H2 200 rewarded_web_video_en.js Show response
www.gstatic.com/admanager/outstream/ Frame 1DC9 390 KB
133 KB 181ms
61ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js

Requested by

Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c60c7782f1fcbb40335110e5e5494fdd9d1b8823649a71850f27084ce8404aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135767
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 21 Feb 2024 18:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="drx-mobile-serving"
vary: Accept-Encoding
report-to: {"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/ Frame 5F9D 15 KB
6 KB 57ms
53ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:01:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6460
x-xss-protection: 0
server: cafe
etag: 5807243554008179978
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 21:01:34 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/ Frame 5F9D 22 KB
9 KB 63ms
61ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a32d83226b99bf308d933b72dbb3de0c52f64a8dce02d1fac907f322c93d7566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:06:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
server: cafe
etag: 22571300659011078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 21:06:36 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame D62C 161 KB
50 KB 150ms
149ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZfJGzwAECCkBd4A4AAzTToxJsebN6TLlOiCQ6A&u=%7CU4pk0aDCdvurUeg9O5zT0kdfimnK4oKAidpLh7hcYH0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78xlqbSNeXpMmJA9kPPxi-QXsNLSO9_0ZkFNPbfBnbwNHeoXnIwPYftHbkxocnculgsD5AhGiLf9i4STKlkbGqmEuudnAKGWl0bMJ49wO8cap0yDawh2lVuE0QvFUG8eHctUSvCih6E3u3ROXv_SNsz2mtAzx9HHXiEE5QFScXiu9qYBZbV_fh0lViX_Naqo3VLzD5QLTGwd_sunSNZkc9-Ogl93H3_fENa9WQlhZptZIMhLMmZ3ck74IndwzP0uj1groGJn1NqvAoegggAmMnwu0LKk-zrgylpYm1_xXpRczJG6srwjyfesdN9Mo6gIabYjJLkwfHTmiqXV9LVGQzIhc-ag3QFLnVJNMeLn1qip28ZtnxNOV1GaJzBaf1OU1NZbamF95TyIGApMt47ccLWe4FSybvZuooXEe6MaZ-6iM-jzLZX9Ki8RdOD9lRSVjZ7T8_uk73LZq9wCv9N8AR1NdIin1o8zEShCGKF7FpiTYWZCg4WBV08NGpdiDDqIGl9R-4p4aN4lxm5H2hXqO-T-Cqq-ICb_o2WMEY3taKKiOvTM5ZJeSYDxu_2bk78uqfSqZsEPJoMKk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClBmZz0byZamQELiA3rsPzqazuAqcge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBKICT9AjOTda5ZVaPWkptVScGIDAj8Vc7x3wq91mNanoi_sBh3gWZS59iiNqz0B8-IH7akZznp8MlJr_FuKJaOeOWdfi1OwiJL0QQUewaQ9hkEcbMTloxx2-hIvgRoCJ99PFr1-tWZ8OPI5bqeN9PRjSsfcEZfwlWUiQtgcc0aatRApvVVh4MVER8x0h0WTdHsXAqL-DY3IZTomqG4u4CLHIqSv1b96It4p2DZU7beySuXtofoxpfFcyClngYySBBiuy3slpRYLxPFv_YvIJC9pF8sAQCtAWlYeQWbpgo8FaBTMGAmNt7pT7h5pCyP-S04x3jWiDju_lPY8wT7Ttr7Lc_mrPOI6OHcKFiN8nYcY0G1E35tht-gkZnpI7UqkD0uGH7iyABqzSmYXU0qneMqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WIGT4MfB8oQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1eB-DrJlZoR0B8QfVUYQ8VkqvK9g%26client%3Dca-pub-0518266783580711%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2b1dc70417154e0ab498ebaf63749a7907fb20e44584523dc509cbc1b93cdcf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 00:37:36 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=1fn9RiYUJRE_tY5aaUzhhvnGMePc3qv5W6TqYX9Rc3G56lN1o7Rps92A1sCMfVg7ZfrbuutegreMA7MpdoaQoGBKmTQHKnxDh7RuH-EXMJceyK2Ub4KB53LZi3cC3WZdTuBAVsBDAOKMZAQBvhBufddXdEgzDi93wdA9c-EMMjJzkElYSjNm5gEMeWD4tmDsZLr4Y-zBJrt7UaOuUWxQWiRKn_KnoFOIHwNIKTnElN1q-oH4_AqZg-rSDv7iG5f5PqJz1HL170pufync"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58318020
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame ED52 3 KB
1 KB 70ms
68ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13483
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 20:52:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame ED52 20 KB
8 KB 58ms
57ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:47:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13791
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 20:47:45 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame ED52 208 KB
63 KB 53ms
52ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 01:21:06 GMT

GET
H2 200 AGSKWxWwAwfBdvCKWxKfV0ONv8DyeuvmC7PYeprmETgzju_a_9dW5vfSa-Tp0zwZ-eAsA5jOpB4b48t5_n6r6I01-pRv9IXimDjwjflr1aDxelcUidDFnuyE6xI7DWNPsaxEGzdQzicGHw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 90ms
90ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWwAwfBdvCKWxKfV0ONv8DyeuvmC7PYeprmETgzju_a_9dW5vfSa-Tp0zwZ-eAsA5jOpB4b48t5_n6r6I01-pRv9IXimDjwjflr1aDxelcUidDFnuyE6xI7DWNPsaxEGzdQzicGHw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMzc2NjU2LDQyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdGRiYW5rLmJhbmtsb2NhdGlvbm1hcHMuY2EvZW4vYnJhbmNoLzAuMzYxOTcwMjQ0Njk2MzgzMyIsbnVsbCxbWzgsIlY5Z0VzaG52VmFFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4feeed391bc88cc5bc06a907e930838b315d79cc914309575501b96888bbefa0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lz1pOdezcc0K5ltaQBf3Mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-Lz1pOdezcc0K5ltaQBf3Mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgBx681zrFOB-OSC86wXgViIh-NC78n1bAIr7je-ZAQAjSsytA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 64ms
63ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H6HE8K8FPW&gtm=45je43b0v895244990za200&_p=1710376654335&gcd=13l3l3l3l1&npa=0&dma=0&cid=911329593.1710376655&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&_s=3&sid=1710376654&sct=1&seg=0&dl=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&dt=Page%20not%20found&en=ad_impression&ep.query_id=CLrL4MfB8oQDFbC30QQdJbMP8w&_et=967&tfd=3724
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H6HE8K8FPW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tdbank.banklocationmaps.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame ED52 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b671dfeb66e8c94d592c647e2de4744e202496fdbd3d92b78369751a05ecbab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ED52 0
19 B 115ms
114ms Image
text/html 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8uOAz0byZamQELiA3rsPzqazuAqcge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBJ8CT9AjOTda5ZVaPWkptVScGIDAj8Vc7x3wq91mNanoi_sBh3gWZS59iiNqz0B8-IH7akZznp8MlJr_FuKJaOeOWdfi1OwiJL0QQUewaQ9hkEcbMTloxx2-hIvgRoCJ99PFr1-tWZ8OPI5bqeN9PRjSsfcEZfwlWUiQtgcc0aatRApvVVh4MVER8x0h0WTdHsXAqL-DY3IZTomqG4u4CLHIqSv1b96It4p2DZU7beySuXtofoxpfFcyClngYySBBiuy3slpRYLxPFv_YvIJC9pF8sAQCtAWlYeQWbpgo8FaBTMGAmNt7pT7h5pCyP-S04x3jWiDju_lPY8wT_bvjyAaQ4G1sWWxyU68b3uWbu49NUnzfSsXc8CngL4j022X6waABqzSmYXU0qneMqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WIGT4MfB8oQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTA1MTgyNjY3ODM1ODA3MTEYAA&sigh=WfkO_v6XfgM&uach_m=%5BUACH%5D&cid=CAQSTgB7FLtqlH0LcwY1kqK5tFHpVtkrP1ewyRTnvLva1l7e8JdLxEGSMz1Vx0CshFpLvX8h8VhPBNUqIiE3as8OtnsoV5sKf8nwvii4RSc6JBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Mar 2024 00:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame ED52 0
126 B 72ms
71ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=mL_pEdv5RO0HfOIinRcCAAAAYenxI8JsivoQzkbyZbmd1guOLSWo3yoAABIAAAoKQVFVQkNnRUJDZ4EEKEBf1ct5vdPU0Q1xpYs&wp=ZfJGzwAECCkBd4A4AAzTToxJsebN6TLlOiCQ6A&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 1145479
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D62C 2 KB
1 KB 68ms
67ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZfJGzwAECCkBd4A4AAzTToxJsebN6TLlOiCQ6A&u=%7CU4pk0aDCdvurUeg9O5zT0kdfimnK4oKAidpLh7hcYH0%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-dbHERHVj9MQgFtTN83TUdVFZz6mvMC78xlqbSNeXpMmJA9kPPxi-QXsNLSO9_0ZkFNPbfBnbwNHeoXnIwPYftHbkxocnculgsD5AhGiLf9i4STKlkbGqmEuudnAKGWl0bMJ49wO8cap0yDawh2lVuE0QvFUG8eHctUSvCih6E3u3ROXv_SNsz2mtAzx9HHXiEE5QFScXiu9qYBZbV_fh0lViX_Naqo3VLzD5QLTGwd_sunSNZkc9-Ogl93H3_fENa9WQlhZptZIMhLMmZ3ck74IndwzP0uj1groGJn1NqvAoegggAmMnwu0LKk-zrgylpYm1_xXpRczJG6srwjyfesdN9Mo6gIabYjJLkwfHTmiqXV9LVGQzIhc-ag3QFLnVJNMeLn1qip28ZtnxNOV1GaJzBaf1OU1NZbamF95TyIGApMt47ccLWe4FSybvZuooXEe6MaZ-6iM-jzLZX9Ki8RdOD9lRSVjZ7T8_uk73LZq9wCv9N8AR1NdIin1o8zEShCGKF7FpiTYWZCg4WBV08NGpdiDDqIGl9R-4p4aN4lxm5H2hXqO-T-Cqq-ICb_o2WMEY3taKKiOvTM5ZJeSYDxu_2bk78uqfSqZsEPJoMKk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClBmZz0byZamQELiA3rsPzqazuAqcge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQmoAwHIAwKqBKICT9AjOTda5ZVaPWkptVScGIDAj8Vc7x3wq91mNanoi_sBh3gWZS59iiNqz0B8-IH7akZznp8MlJr_FuKJaOeOWdfi1OwiJL0QQUewaQ9hkEcbMTloxx2-hIvgRoCJ99PFr1-tWZ8OPI5bqeN9PRjSsfcEZfwlWUiQtgcc0aatRApvVVh4MVER8x0h0WTdHsXAqL-DY3IZTomqG4u4CLHIqSv1b96It4p2DZU7beySuXtofoxpfFcyClngYySBBiuy3slpRYLxPFv_YvIJC9pF8sAQCtAWlYeQWbpgo8FaBTMGAmNt7pT7h5pCyP-S04x3jWiDju_lPY8wT7Ttr7Lc_mrPOI6OHcKFiN8nYcY0G1E35tht-gkZnpI7UqkD0uGH7iyABqzSmYXU0qneMqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCIIgGEQATICigI6CYBAgMCAgICgKEi9_cE6WIGT4MfB8oQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1eB-DrJlZoR0B8QfVUYQ8VkqvK9g%26client%3Dca-pub-0518266783580711%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D62C 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D62C 308 B
636 B 55ms
54ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame D62C 293 B
621 B 64ms
64ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame D62C 43 B
347 B 58ms
57ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=KOXkQxyo57PscGrrrxzKI1yr5b6N4jOP3gtmbZA135pzjRNqe0Ih_6d55-gjfWugVuuvOcfdDK-hS5k_Qx3PHlzIQCQIgnbYUvGpUhmtJnuR3ikhCozUnCUtZvpYdEMgT-mnkSMzIR6SMCPg-66By2vvyv6EDn9lg7Z727kA4ofS0XM5VU9bpMiABmCLtzGDrUUISjWFuGJkroJFuFtylERIvmymhvTTMA0Z4Gg2KQDUCPKv_wxXUBZzAqhlkhTwScdceK6MZVtyBlk1IU-trbV-eeZkROyWzkIZkNznxC1AydkLsB90EZVr_t92J52y3AHyJvKQHICdJK6zpze2Vaq9t3o8TpHbBK1vl6I4se3Rn9HcCcvtSG0dN1wp-RzQbKipGxDBkLUZmGC2lFGdVcDf3InDynituvAqbYzQf26d39EUlTtIFt__LnIKTng7_K4H6A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3197809
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D62C 12 KB
5 KB 224ms
69ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 26334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3xVWM%2BavYH1rUocbUJa%2FBmTRdLQ7EEUYSwJ1CUbE%2BvDk1P2Z%2F44bAwhEnci%2Fn90rbAtpZTU9SVHoxRLrq5VTVUEE8C5BiCdNO2kJ1xHrmpk8ONlpkTEzd6MGK7M%2F%2FsGgZRZhag8L3g9SEW0hcouBtkR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 864032389ddd42e0-EWR
expires: Tue, 04 Mar 2025 00:37:36 GMT

GET
H2 200 f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff
static.criteo.net/design/dt/ Frame D62C 27 KB
28 KB 291ms
132ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f42b96353b1a43b1bfb1603f72d7c24b_sabonroman.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

eff3203b9b309c089021f20f44618f1a5bf537b9215143f398b39c958031d058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 01 Mar 2021 13:06:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"603ce6bb-6d70"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 0983317a66454b4bb61d4667d62cf081_gothambook.woff
static.criteo.net/design/dt/ Frame D62C 27 KB
28 KB 291ms
133ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0983317a66454b4bb61d4667d62cf081_gothambook.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f6e089ae8b93c90a17aeafefeec1228034acb33caa008f502a1eba2fa74bcb18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 11 Jan 2019 14:05:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c38a2ae-6de4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D62C 12 KB
6 KB 67ms
67ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D62C 3 KB
3 KB 73ms
70ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=244&m=0&partner=58815&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F58815%2F211115%2Fbb4a62e9da724321b634f35f47dc1c95_spiermackayca-logo.png&v=3&w=196&rid=4&s=eAvLgHiJXwidfoDOgNm6GBUs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a356bf10761d2638cfa6648b36ae1b97b73e892e1b81627bef4fea6ead732eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2762
expires: Mon, 03 Feb 2025 02:20:50 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D62C 13 KB
13 KB 74ms
71ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=58815&q=80&r=0&u=https%3A%2F%2Fwww.spierandmackay.com%2Ffiles%2Fcatalog%2FPRODUCT_IMAGES%2FSpierAndMackaySS23_RY-3329%2520%282%29.jpg&v=3&w=800&rid=4&s=FzOuMpdsYykzJWX0kfAnHSch&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

84816a31f715acb1f7ab3ad48c0ef5b0021c50b21f16a08ed80da539250f88a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13560
expires: Fri, 07 Feb 2025 02:11:14 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D62C 13 KB
13 KB 80ms
78ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=58815&q=80&r=0&u=https%3A%2F%2Fwww.spierandmackay.com%2Ffiles%2Fcatalog%2FPRODUCT_IMAGES%2FSS23-B4-Medium%2520Gray%2520Suit-21800-1010-NSN%2520%284%29.jpg&v=3&w=800&rid=4&s=4fEBoa1pdJtv7vvcjUpMYhL8&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

45790a079d926f147a8e00133981b3c990d14c2357bd8c346546d87c426ae8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12982
expires: Fri, 31 Jan 2025 01:55:02 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D62C 13 KB
14 KB 81ms
78ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=58815&q=80&r=0&u=https%3A%2F%2Fwww.spierandmackay.com%2Ffiles%2Fcatalog%2FPRODUCT_IMAGES%2FSpierAndMackaySS23_O-21_Sand---Linen---Teba-Jacket-8006SD-TEBA-JKT-SS23-%282T%29.jpg&v=3&w=800&rid=4&s=zTmGDW5QRk_kVHs6TCRaoswW&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5ae06b0ac6d30dbbfc0accc98b91e740bd599a54e9963d0ad3f2f3ed36ed468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:35 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13680
expires: Sat, 08 Feb 2025 21:40:23 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame D62C 4 KB
4 KB 91ms
88ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=58815&q=80&r=0&u=https%3A%2F%2Fwww.spierandmackay.com%2Ffiles%2Fcatalog%2FPRODUCT_IMAGES%2FStone%2520-%2520Garment%2520Dyed%2520Chino-RY-3064-ST-CHN-01-FW22%2520%284%29T.jpg&v=3&w=800&rid=4&s=NXBVVFrM_xc3qChAjo6K17RE&b=1200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b029cdf33d03728123977edeb2b995e23917e5fa59be3c2c78b741ff939e3ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3604
expires: Tue, 04 Feb 2025 13:02:35 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D62C 0
127 B 87ms
85ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=1fn9RiYUJRE_tY5aaUzhhvnGMePc3qv5W6TqYX9Rc3G56lN1o7Rps92A1sCMfVg7ZfrbuutegreMA7MpdoaQoGBKmTQHKnxDh7RuH-EXMJceyK2Ub4KB53LZi3cC3WZdTuBAVsBDAOKMZAQBvhBufddXdEgzDi93wdA9c-EMMjJzkElYSjNm5gEMeWD4tmDsZLr4Y-zBJrt7UaOuUWxQWiRKn_KnoFOIHwNIKTnElN1q-oH4_AqZg-rSDv7iG5f5PqJz1HL170pufync&sds=2&rev=91140&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D62C 2 KB
1 KB 73ms
72ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D62C 2 KB
1 KB 63ms
62ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1DC9 0
225 B 167ms
67ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ltqi3mmd&c=8442358123833&slotId=4221179061916.5&qqid=COaz4MfB8oQDFTiAdwEdTtMMpw&fb=rewarded_web-lima&sei=44752538%2C75259414%2C318475490%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rewarded_web
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 volume_off.png
www.gstatic.com/dfp/native/ Frame 1DC9 3 KB
3 KB 45ms
44ms Image
image/png 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/volume_off.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:45:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
age: 13944
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Mar 2025 20:45:12 GMT

GET
H2 200 pause.png
www.gstatic.com/dfp/native/ Frame 1DC9 763 B
876 B 46ms
45ms Image
image/png 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/pause.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240311/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 20:47:38 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
age: 13798
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 763
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Mar 2025 20:47:38 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1DC9 0
45 B 161ms
69ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ltqi3mmj&c=8442358123833&slotId=4221179061916.5&qqid=COaz4MfB8oQDFTiAdwEdTtMMpw&fb=rewarded_web-lima&met.4=ls.ltqi3mmk~arps.ltqi3mmm~arp_a_s.ltqi3mmm&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast.php Show response
ads.us.criteo.com/delivery/r/0.1/ Frame 1DC9 9 KB
6 KB 76ms
76ms XHR
text/xml 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/0.1/vast.php?z=ZfJGzwAECCYBd4A4AAzTTkhxnd8YkkSkQ3lvRQ&u=%7CU4pk0aDCdvuP2x0RaAGxh8DN%2Fas%2BkalsegsmKHcvBww%3D%7C&c1=f2W0RUnQkd5gl6xalwEmCdIO7LN999McKc3a_QFaHWyLsI7hwtwGqMZ6tmg7ZKQnx5x1TqqgapNmD1v78hmAv-r3IQ4KRTAjIfCNBShAEXuFP6peO30fWKfOG4z3CacrJYUwZd35UzjM8Cri3-zHVjljkdMCR7X-PnozCN2S99Ak-Nk0mwFjDZ1dFpswNcNGeLQWa6rDgylfuraN_aXKgr6AO3sJuwag7LoA46RvUZPVCefcH4FS4lMckKlMdTvnx8RGhXtpB3ASZ8nmja0jOFArdYh4MDOs2-a04YD5puGbutMz4OUTntocBwVGpRt1KFpctVW4aWBLgyRzR1WAndnwFRdvB2ljwn1L0Z2dpjbBhJ0QRhsG1kILk9hXwNdAtMfMoy2LxKw7bRThyTOXFsvf5ib_d7DsrEW9Kh9Rj-Np1qotBLKkUmPmy0WCcNEpx5j40nDKLMM52Ne5c0g5uHnHws-yP8z0qAtYi6QT7p_hktZ0d-Tvi9dKXQPhRJDBvE8OsBrA4ikk_Wa515qodYIX6Ou4nEg635FCXR6r53N6SN-niCnlmtHgpJ_Bvf9Gc-FmEWqFyBQwc5deYDW4G96kIJBdDpX47RWKJnuwGc_9nF-Av11NIcBFBhMHlX4vZ5I3_GcsdabgQh5SEHr23Q&ct0=https://googleads.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyyiUz0byZaaQELiA3rsPzqazuAqcge-wXIqilqS0AcCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTA1MTgyNjY3ODM1ODA3MTHIAQWoAwHIAwKqBKMCT9DPC-S35zmSSoLD2bqlsfmQbAhXbjhJ8IEf7ASUzBON16lgsoaS4ELeoZbmIZu8eB3p--Jwy400IIWmzKMLwKi_vd04o2MdO7a9Tw7tA_z6-QbQP7Gy4UyfZP0lYJlkszeZR0dLhE1L2OmMMlSjLY2nbXOcUYK1ltK9D6d9WbevUDhRhQ3T8Mx02_tE9IEVyXZ0eFbi6GHDEP5VfkXXQ3fIKmOXayBOK18Blwd1a8Mtl7HS-EhPprfqjkjKGNHcJTICauAg01VLK0QQEMrOAB76DmFTMF1VrvIoAraBXMMYMhnTkSh5rhgzpNEW_aDxKNsc-1LFMnFM9_2KTAOJLfjf-9l7RRvQbSce_CN1di4RAAgYU5W-SurZqzJ59sn11t2pgAbVjsmCk4L34xWgBiqoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggiCIBhEAEyAooCOgmAQIDAgICAoChIvf3BOliBk-DHwfKEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1AdZ7_BlBYaw1_2IeLvj07UIrA0w%26client%3Dca-pub-0518266783580711%26adurl%3D

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a9c2e1bdac2668cc9bfaf7b4c340d0ec6e51f5b0c2bf46a45975c0218ff167ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4010295
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/xml
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 robotocondensed-400.css
static.criteo.net/design/googlefont/robotocondensed/ Frame D62C 2 KB
854 B 61ms
60ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

66d5e835f06be29e8b5112ee84def9f11eeef96f164d624ca3ba8bd8d3e2cefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13f-8cb"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1DC9 0
45 B 78ms
68ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ltqi3mmr&c=8442358123833&slotId=4221179061916.5&qqid=COaz4MfB8oQDFTiAdwEdTtMMpw&fb=rewarded_web-lima&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x19&vmfc=1&vhc=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 aaf1806cbf0343ebaf260ab35cc2194b_untitled_design_copy.mp4
static.criteo.net/design/dt/104685/5342976/ Frame 1DC9 484 KB
485 KB 74ms
73ms Media
video/mp4 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/104685/5342976/aaf1806cbf0343ebaf260ab35cc2194b_untitled_design_copy.mp4

Requested by

Host: tdbank.banklocationmaps.ca
URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

d98d67be84482386f30a77d4b51b861578f7d3ae3a813bacec310c8f33c2ae2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 08 Mar 2024 11:06:49 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65eaf149-78fd8"
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-495575/495576
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
Content-Length: 495576
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A08 42 B
64 B 112ms
111ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucifV7NrjDFv93F3J0qIXcB4LnQN0xMPdisJsWEfCspvGwi42IScUnIoYWIsm2fBgC8rC3QE1tRg_MpGQVtXB0jZzP3cEEMJNZLfyC-GYamp8jX7L6Ta4VABqYVDCaUvcF6YJfOso&sig=Cg0ArKJSzBAs4OnM7RpdEAE&id=lidar2&mcvt=1007&p=0,0,280,1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1213588912&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=630945500&rst=1710376655181&rpt=610&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 robotocondensed-400-latin.woff2
static.criteo.net/design/googlefont/robotocondensed/ Frame D62C 15 KB
16 KB 130ms
129ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/robotocondensed/robotocondensed-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13f-3d54"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 09 Mar 2025 00:37:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 130ms
130ms XHR
application/json 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240311&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea45733a2856dae9904482eb9e9e7aeb4f8c4aae1546b4955ed78774250351df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12268
x-xss-protection: 0

POST
H2 200 all
csm.us.criteo.net/ Frame 5923 0
127 B 60ms
60ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 14 Mar 2024 00:37:36 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 99ms
99ms Script
text/javascript 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 00:37:37 GMT

GET
H3 200 ads Show response
fundingchoicesmessages.google.com/f/AGSKWxVFmxMjPrcVauzsvyVnPwrmA3w50XcI0eMbNDWIOgTPp0_bhx6qrZdFkQC8ooru3yjhwlqTftf1iDU4ha-kIK3ujqJzwEyW8xpqx4chTcVx2LaLx9oYVO73rpQeFWhXJsuG9wNteCAmhmgiI4jn4jthFFwjY... 54 B
110 B 73ms
73ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVFmxMjPrcVauzsvyVnPwrmA3w50XcI0eMbNDWIOgTPp0_bhx6qrZdFkQC8ooru3yjhwlqTftf1iDU4ha-kIK3ujqJzwEyW8xpqx4chTcVx2LaLx9oYVO73rpQeFWhXJsuG9wNteCAmhmgiI4jn4jthFFwjY-lmUjywNmZsw9kHmR17ABVOKE1gTGDJ/_/adx/ads?=468x60//adscontent./peeljs.php/advertise-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.V9gEshnvVaE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz5bmzEc-6APBBsh_a6fPvdb0K74Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4f098ff9fd9abcdb54b6f04a7205c2e6fde621ec24c08a9186b9c497c38844f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bVieiWzL8_6e2FLxrl5rpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-bVieiWzL8_6e2FLxrl5rpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgBx681zrFOB-OSC86wXgViIm-Ni78n1bAI71m6KAQBbyDI5"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 51ms
51ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db6ebc171ed4e53c6193362ba74a1f2ed954714da66dc7485cfd99e5f1745f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 23:55:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11523
x-xss-protection: 0
server: cafe
etag: 916572542668392311
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 00:55:49 GMT

POST
H3 204 AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 169ms
73ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I2COL-YHZwf3qnuFyVLboA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-I2COL-YHZwf3qnuFyVLboA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw0ZBiqGV4xtQKxDt8PFic0mewhgCxEA_Hxd6T69kEduw70MsIAPf9DZk"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tdbank.banklocationmaps.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 197ms
154ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Olmo36YP_OzXrGk_wyPabg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-Olmo36YP_OzXrGk_wyPabg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0pBiqGV4xtQKxDt8PFic0mewhgCxEA_Hxd6T69kELjzbsYURAPfPDe4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tdbank.banklocationmaps.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6001 13 KB
5 KB 52ms
50ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 13678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 20:49:39 GMT
expires: Thu, 13 Mar 2025 20:49:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3B33 829 B
1 KB 177ms
67ms Document
text/html 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b73d86bff121dc370d3f09c59f2890d54d29bf158a4c3d5dc9472856d71374a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tePDHw6wOsK98jApFBQbZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tdbank.banklocationmaps.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tePDHw6wOsK98jApFBQbZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 00:37:37 GMT
expires: Thu, 14 Mar 2024 00:37:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 98ms
74ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-StpNFAoBbR2d-Vbr1mr6HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-StpNFAoBbR2d-Vbr1mr6HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0ZBiqGV4xtQKxDt8PFic0mewhgCxEA_Hxd6T69kEbjTf62UEAPbbDZQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tdbank.banklocationmaps.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 98ms
74ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CeARK-YMJ7uFFi2DQnBxmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-CeARK-YMJ7uFFi2DQnBxmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0pBiqGV4xtQKxDt8PFic0mewhgCxEA_Hxd6T69kEfqy73scIAPfIDdc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tdbank.banklocationmaps.ca
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU5k8wR-LfMl9t5SeW_iEstc9RM1lACH24nEkFFLapuaQBurEt_9rD6Mdt4xsdz7BLrAWumQm2v1KNphqj0sMEVS8CAVg6RLJGmFWZssy1zAfU0VG-RdhOpeR5w498JnX1qT9-nnw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 94ms
94ms Script
application/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU5k8wR-LfMl9t5SeW_iEstc9RM1lACH24nEkFFLapuaQBurEt_9rD6Mdt4xsdz7BLrAWumQm2v1KNphqj0sMEVS8CAVg6RLJGmFWZssy1zAfU0VG-RdhOpeR5w498JnX1qT9-nnw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMzc2NjU3LDIzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90ZGJhbmsuYmFua2xvY2F0aW9ubWFwcy5jYS9lbi9icmFuY2gvMC4zNjE5NzAyNDQ2OTYzODMzIixudWxsLFtbOCwiVjlnRXNobnZWYUUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1965d5326518a1d9be1a9c52b0bbbb358388fa66ef66abe2e0c2893fed07754e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mUIbGQSMPUMbqQyxBQPZ-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-mUIbGQSMPUMbqQyxBQPZ-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgBx681zrFOB-OSC86wXgViIh-Ni78n1bAIv2p-2MgIAjBgymg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV9xsEybOHzpEQyPBBtds0iEZaNGWro6rR5DsLnEaGLonQjYSTLZrhIIrpXxRGPKgXweq8rGTTTdh6nyJvOl9jPIntKHJ4udDgOKhbFFsBNCjC0FVy0ZhdvX147CjFVMZsDD2VZCQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 78ms
78ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV9xsEybOHzpEQyPBBtds0iEZaNGWro6rR5DsLnEaGLonQjYSTLZrhIIrpXxRGPKgXweq8rGTTTdh6nyJvOl9jPIntKHJ4udDgOKhbFFsBNCjC0FVy0ZhdvX147CjFVMZsDD2VZCQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I_aie0Q1f3tilaU849e89w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-I_aie0Q1f3tilaU849e89w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw15BiqGV4xtQKxDt8PFic0mewhgCxEA_Hxd6T69kEJizatYURAPZDDXE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tdbank.banklocationmaps.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 83ms
82ms XHR
text/html 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWcc21owKp835TnxRBxD8jUZr0GpSx3RkQDeWA5xMMkJbeCizNb8lQofLPJ9f2RmOrXSRJgFTKC3xoymd_ncDq5DFDC5TmzLUfBdAAlkiwNc8S4XKVUb3EDf_CRfNY6U_x23jqRDw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jaeYW8iqUqWjcOflXcwJ5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tdbank.banklocationmaps.ca/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-jaeYW8iqUqWjcOflXcwJ5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw15BiqGV4xtQKxDt8PFic0mewhgCxEA_Hxd6T69kEZpy4vZ0RAPdsDcM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://tdbank.banklocationmaps.ca
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6001 39 KB
15 KB 51ms
50ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 21:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 21:21:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6001 0
10 B 48ms
47ms Image
text/plain 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MWwSug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 00:37:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3B33 0
0 113ms
112ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240311&jk=1175264901329858&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ED52 42 B
64 B 110ms
109ms Fetch
image/gif 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_BNLbZH4wEJ50aUgPVcI8HxgSQ0BYY8vY5ENhYgBfhgVbdzbAaRAxLqziJ2_zgMTtDCQw9g4aABxvY3lErdFmPYyhAxVTNmRsMh5V0_JdGBBdC11EjuBLfIZFxWNEC-JCkRGtfcE&sig=Cg0ArKJSzNWKFpQwbiLWEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,767,1000,1114,1160&tos=84,683,233,114,46&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=630945600&rst=1710376656317&rpt=184&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame D62C 0
127 B 68ms
68ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 14 Mar 2024 00:37:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 1DC9 0
54 B 66ms
65ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~ltqi3mp1&c=8442358123833&slotId=4221179061916.5&qqid=COaz4MfB8oQDFTiAdwEdTtMMpw&fb=rewarded_web-lima&gpm_i=1&gpm_c=1&gpm_a=1&smb=Infinity&mt=video%2Fmp4&vs=1920x1080&gqid=z0byZYW8D-3hxtYPhsumuAg&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4&hvmf=false&vms=1&bit=0&met.4=arp_a_e.ltqi3mp3~arpf.ltqi3mp3~vil.ltqi3mvq~vfl.ltqi3mxz&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/rewarded_web_video_en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 00:37:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 119ms
119ms Image
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240311&jk=1175264901329858&bg=!eHulezTNAAZsmiNCTJo7ADQBe5WfONK6pcnmkpCxa-pezAw4HkzbEcblfBty3hwobc7wU-IMtEPlFIN39B9x8Vq0Zl2qAgAAAFJSAAAAAmgBBwoAPzOPzdoHB9j4Hb2acJVJf3tIXXNS9QizQosB561gmH12oam6EkI_XjgfhYdEBFUSofOUEP0UustK0BFSNMOTAJkCzsm-I274vVLz1I4dm5cuZWB6QfLNNMsVF4cihZnn0_GD6u7mfa8sIZRYUlLcZ4Q9jW4uLaZAxaJHAFt8Sh_LLMBFv4f2XhCf-U4dDHiD0km73zsl6Na5I8qwFiYOeZo-ZzQ6goQy6u7Cg2CXKMrF1F7YUj_R6ylo8L2-612muDoj5z63SOfuBfqAMEMCFjVAb-UKNvdR_pFV36ZqCcS5UCfjbTZWJX-p2Lr-pAYqVAroD5VXkBqax__ohS-M2gZ3W-vjf1WHX5PxC9Em3Mj3A4uBMOrhr-dVMkYcyzaPkvHsYwv2Xm17AMkaskm5GwI3nki_tM05TBvrlf2iOMd4gJy25I6KtyQFesK8LsjN7HLmjxvwh2OVGqSepdH7cw9R7K4bYKLJD9fCT1JLUEr0g35TksyGhEz60LvXaoCVhPplhzU_Aj6GbMNB35mVkDOdMrA5zVeas9Aj_8Q9dtbC-625O1bQiTc143hT1pNiaP0OneqrwiutK4tXhZlE4OaMLAFy6pyRBwjrLS1f8YSRbTP35GmiX6lMbqKPp9ZmyT4KDrmNgZgyNczO_OvatO1EPeyU_OlxF6oFKM4BENUb3USQ4YhhvQywjnNJSsTqKZ6opKN7_m5Flnzz7t7tC1-qfb-czrNQ1vDhtV9CBCr2wBxrIsGcmzE6e4_rQ7gLLkhdmOlAZh7GThHGCwWg5BpA0bPC07qFAGWtTuFcvmsIdYOC38LPuqF-WL63LrNCkzoNqjYRAXz55-n-onP_V61hjrO4ku9bwpOU_6Vh6bgg9kphElBrdzA1eU4HRpxLIkufWzDfsdaU0Hg1Ew6HEsjkfD3bH45Ff3HZnboFlXwRIWErwMcxRDuoSV9MbcTaUbNUqsVJcHuemik1dS3ZLH6Q-cX8u7-gF-LdkbBgbuCyMV_vbosTreg_ihrRVnQlCIWH_plynwDejhdPgIPjCgs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tdbank.banklocationmaps.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.banklocationmaps.ca/	1970-01-21 04:42:16	Name: _ga Value: GA1.1.911329593.1710376655
.banklocationmaps.ca/	1970-01-21 03:51:52	Name: cf_clearance Value: 4lx_BAkIo_sqHoupDqguCPWDsyGwYVce6ka66YDQXpA-1710376655-1.0.1.1-cypV_2TlPSzBgVLyG2.PMrmbUipS2zelJJFgRL86FK6R7EwD9uXlAefu8tIFaGZDkImOQSRtLyDbEe7wHPyEhA
.banklocationmaps.ca/	1970-01-21 04:27:52	Name: __gads Value: ID=6d227dbbe549bb44:T=1710376655:RT=1710376655:S=ALNI_MbWKLqdNbFY4X0s85LKlsaKltBGZg
.banklocationmaps.ca/	1970-01-21 04:27:52	Name: __gpi Value: UID=00000dd24852da46:T=1710376655:RT=1710376655:S=ALNI_MbvRZzbw8VqCuk3-h8y3p2aKQrHpw
.banklocationmaps.ca/	1970-01-20 23:25:28	Name: __eoi Value: ID=62dc43ded71d784b:T=1710376655:RT=1710376655:S=AA-AfjaJ9cd0n9nmuzyL7khTAQVX
.criteo.com/	1970-01-21 04:27:52	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 04:42:16	Name: IDE Value: AHWqTUmXEaakR6811YGlHMy-s_Msrr926y7sF22pNV5_8nOzuEyBYAdtfzmEfHcFkpI
.adnxs.com/	1970-01-20 21:15:52	Name: XANDR_PANID Value: Xxg2a_lDpzm7WiGfA1c-g0fEdZ0dbu3UEPitW62ayzCSwFzYiMZJTo3218Gu_pZEj6yEpzL0ZNvu53Jzq7xHprhCX0Z3zXH0Jnn0xgDq3Ho.
.adnxs.com/	1970-01-21 04:42:16	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:15:52	Name: uuid2 Value: 2359607504706700967
.banklocationmaps.ca/	1970-01-21 04:42:16	Name: _ga_H6HE8K8FPW Value: GS1.1.1710376654.1.0.1710376656.0.0.0
.getrockerbox.com/	1970-01-20 19:49:28	Name: uuid Value: 2359607504706700967
.banklocationmaps.ca/	1970-01-21 03:51:52	Name: FCNEC Value: %5B%5B%22AKsRol8WB1P-stNWKH0T0JLrBcT4dUihtfQrK7THUO8MEV_jzCyiCYumWXaegIiPZ5HTaxK_qbY9vNUo3auR1bmX3MPsNG1ZD_uyBsA2wTyWuo4XeQxSJpKzg_mwuSQ4TFBV9aNdFZcrpp8amWjIbxCzHAU31Bujbg%3D%3D%22%5D%5D

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0518266783580711&output=html&h=280&adk=1213588912&adf=1994834710&pi=t.aa~a.2280143961~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710376655&rafmt=1&to=qs&pwprc=1459622480&format=1200x280&url=https%3A%2F%2Ftdbank.banklocationmaps.ca%2Fen%2Fbranch%2F0.3619702446963833&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710376654532&bpp=1&bdt=558&idt=644&shv=r20240311&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4413029614952&frm=20&pv=1&ga_vid=911329593.1710376655&ga_sid=1710376655&ga_hid=1470471678&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081576%2C95326317%2C95321957%2C95325784%2C95326917&oid=2&pvsid=1175264901329858&tmod=1454563762&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=647 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://tdbank.banklocationmaps.ca/en/branch/0.3619702446963833 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
csi.gstatic.com
csm.us.criteo.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
metrics.getrockerbox.com
pagead2.googlesyndication.com
rtb.va.us.criteo.com
secure.adnxs.com
static.criteo.net
tdbank.banklocationmaps.ca
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.26.9.177
2001:4860:4802:32::3
2606:4700:20::681a:802
2606:4700:20::ac43:4746
2606:4700::6811:180e
2607:f8b0:4006:808::2004
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:823::2008
2607:f8b0:4006:823::200e
2607:f8b0:4006:824::2003
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
68.67.161.182
74.119.119.147
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
07c09a241dda6e6032cb2df8b495b34f6a7b62f847a3df04325397308c3e05fc
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf
11af530537e23dff21d8989d86f34f5b5028d0c3af5593af84f82fdf67d26f33
1965d5326518a1d9be1a9c52b0bbbb358388fa66ef66abe2e0c2893fed07754e
29a60e249819b8675c9d0cf865d060af4cff817564c9eae9fc7e3c81b60dbfe3
29af021781dffe2be8f33b5d2b0c7cb900f63f250ee8d3d67add1e6dafd084f6
2b1dc70417154e0ab498ebaf63749a7907fb20e44584523dc509cbc1b93cdcf1
2b671dfeb66e8c94d592c647e2de4744e202496fdbd3d92b78369751a05ecbab
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
340ef860c261eac3877eb68f69737e1982dbfc4c94f56ba8f1e7d20ebe374d17
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
45790a079d926f147a8e00133981b3c990d14c2357bd8c346546d87c426ae8c3
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4feeed391bc88cc5bc06a907e930838b315d79cc914309575501b96888bbefa0
515d5aa324d649e106651802a86f51eed88830e698a53f0573678f26ad21523b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5a19fa748698c4d7f5fb2c5909be32eefdad86ab21c44e8dfc33ddbd352430fe
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66d5e835f06be29e8b5112ee84def9f11eeef96f164d624ca3ba8bd8d3e2cefe
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b73d86bff121dc370d3f09c59f2890d54d29bf158a4c3d5dc9472856d71374a
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
754cd8295e7ca9abac9b59954b4eb8c0b2f4ffcf1df0adfb8a68e14fe6ed0dd2
7fbac573056d3888f56d346e78203f6fe81d95f118c0f5449798e1314e7d995c
83aee87a0d017ccbef691515af8b09f6992dc83e82ef0b2bcbfdf70a02afc347
84816a31f715acb1f7ab3ad48c0ef5b0021c50b21f16a08ed80da539250f88a3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9260386bd75efb7e5895d5d7c723ed642a4ef66484f4b5812871fc4fb61c7ae4
940edc930bb085affde069f3fb69a79bb748c22129a5776a2aa7b803ce04b05a
9b5d9bcaf52a0f987d7b5c0e37524ea97e86c3a5c7a151d641b88dd722b75554
9db6ebc171ed4e53c6193362ba74a1f2ed954714da66dc7485cfd99e5f1745f8
9e4104bcdb7854ff5a09ef9d37fb49632acd44a0dcde2a11ec4304da1d0b0d65
9e8dde790eb52f551cc348fa6f63df469c691025e0ebc91e42cf6f6b52930a7e
9ecc573b27ab4d078257403dd3270d2a8fc6e5c4e248087d03e033043c6bd15d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a32d83226b99bf308d933b72dbb3de0c52f64a8dce02d1fac907f322c93d7566
a356bf10761d2638cfa6648b36ae1b97b73e892e1b81627bef4fea6ead732eb1
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9c2e1bdac2668cc9bfaf7b4c340d0ec6e51f5b0c2bf46a45975c0218ff167ba
b029cdf33d03728123977edeb2b995e23917e5fa59be3c2c78b741ff939e3ecd
bf8f953ce6cb8a794bb7a59a326b73dad93a341e1a74fd03a921c85a44b10f1c
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
c5ae06b0ac6d30dbbfc0accc98b91e740bd599a54e9963d0ad3f2f3ed36ed468
c60c7782f1fcbb40335110e5e5494fdd9d1b8823649a71850f27084ce8404aac
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
d4f098ff9fd9abcdb54b6f04a7205c2e6fde621ec24c08a9186b9c497c38844f
d98d67be84482386f30a77d4b51b861578f7d3ae3a813bacec310c8f33c2ae2a
dc28abcfb92d352afc3d14c751e5f7a86f18f208794c133e1b2c5b56ae5a642e
df5c362f10490acc9af44b0ce14030c2cadc4a6f43969b1ced175000e742e84a
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86ae6dfc4d070a2150b62f73be4bfd9ed2fe69870500729c99db9a5e68b190d
ea45733a2856dae9904482eb9e9e7aeb4f8c4aae1546b4955ed78774250351df
ec124f6e0852fedc520976996ff74e327dee6598dfbfbb08aaf55d9e5dae483d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff3203b9b309c089021f20f44618f1a5bf537b9215143f398b39c958031d058
f6e089ae8b93c90a17aeafefeec1228034acb33caa008f502a1eba2fa74bcb18
fc65e18483f5ea3b9afa3f7c83e818bdbd81c55287c90a149cd3b82997e6a0aa

tdbank.banklocationmaps.ca Open in urlscan Pro 2606:4700:20::ac43:4746 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

98 %HTTPS

86 %IPv6

13 Domains

21 Subdomains

21 IPs

2 Countries

1771 kBTransfer

3730 kBSize

13 Cookies

7 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tdbank.banklocationmaps.ca Open in urlscan Pro
2606:4700:20::ac43:4746 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

98 %
HTTPS

86 %
IPv6

13
Domains

21
Subdomains

21
IPs

2
Countries

1771 kB
Transfer

3730 kB
Size

13
Cookies

106 HTTP transactions
2 data transactions