authentication.td.com Open in urlscan Pro
23.205.106.89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://easyweb.td.com/waw/ezw/webbanking
Effective URL:
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Submission: On October 18 via manual (October 18th 2023, 6:50:58 pm UTC) from CA — Scanned from CA

Summary HTTP 141 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 27 IPs in 2 countries across 28 domains to perform 141 HTTP transactions. The main IP is 23.205.106.89, located in Ashburn, United States and belongs to AKAMAI-ASN1, NL. The main domain is authentication.td.com. The Cisco Umbrella rank of the primary domain is 114559.
TLS certificate: Issued by Entrust Certification Authority - L1M on December 28th 2022. Valid for: a year.

This is the only time authentication.td.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.205.106.68 23.205.106.68	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 26	23.205.106.89 23.205.106.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.205.106.82 23.205.106.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
6	3.162.103.116 3.162.103.116	16509 (AMAZON-02) (AMAZON-02)
1	99.84.191.50 99.84.191.50	16509 (AMAZON-02) (AMAZON-02)
1 4	68.67.160.114 68.67.160.114	29990 (ASN-APPNEX) (ASN-APPNEX)
13	192.225.158.132 192.225.158.132	30286 (THM) (THM)
2 18	52.1.190.243 52.1.190.243	14618 (AMAZON-AES) (AMAZON-AES)
6	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
4	3.232.15.196 3.232.15.196	14618 (AMAZON-AES) (AMAZON-AES)
1	52.1.122.252 52.1.122.252	14618 (AMAZON-AES) (AMAZON-AES)
2	23.205.106.75 23.205.106.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8 8	72.44.58.73 72.44.58.73	14618 (AMAZON-AES) (AMAZON-AES)
6	172.67.73.236 172.67.73.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.251.16.113 142.251.16.113	15169 (GOOGLE) (GOOGLE)
6	172.253.122.113 172.253.122.113	15169 (GOOGLE) (GOOGLE)
4	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
4	142.250.31.94 142.250.31.94	15169 (GOOGLE) (GOOGLE)
2	192.225.158.1 192.225.158.1	30286 (THM) (THM)
1	192.225.158.3 192.225.158.3	30286 (THM) (THM)
1 1	13.249.39.83 13.249.39.83	16509 (AMAZON-02) (AMAZON-02)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
2	172.253.115.105 172.253.115.105	15169 (GOOGLE) (GOOGLE)
8 8	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
6 12	54.236.156.168 54.236.156.168	14618 (AMAZON-AES) (AMAZON-AES)
1 1	192.184.68.134 192.184.68.134	14618 (AMAZON-AES) (AMAZON-AES)
1 1	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	104.18.25.173 104.18.25.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	107.178.240.89 107.178.240.89	15169 (GOOGLE) (GOOGLE)
2 2	23.61.60.237 23.61.60.237	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	18.211.158.154 18.211.158.154	14618 (AMAZON-AES) (AMAZON-AES)
1	69.147.92.12 69.147.92.12	14777 (YAHOO) (YAHOO)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
141	27

1 23.205.106.68 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-68.deploy.static.akamaitechnologies.com

easyweb.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 23.205.106.89 (Ashburn, United States) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-89.deploy.static.akamaitechnologies.com

authentication.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.106.82 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-82.deploy.static.akamaitechnologies.com

www.wcmcaas.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.162.103.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-116.iad61.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-50.iad89.r.cloudfront.net

bcdn.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.114 (Fairfield, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 192.225.158.132 (United States)

ASN30286 (THM, US)

tmx.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.1.190.243 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-190-243.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.232.15.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-15-196.compute-1.amazonaws.com

data.privacy.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.122.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-122-252.compute-1.amazonaws.com

td.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.106.75 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-205-106-75.deploy.static.akamaitechnologies.com

smetrics.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 72.44.58.73 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-58-73.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.73.236 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.16.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.122.113 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f113.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.31.94 (Oxford, United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.225.158.1 (United States)

ASN30286 (THM, US)
PTR: a-sac.h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net

i8n5h0pwuxfod7c7y6h3gsba2wtotrai2ukxd7pk60a7b55031296279sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.83 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-83.iad89.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.22 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.115.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.253.115.156 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.236.156.168 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-156-168.compute-1.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.68.134 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.173 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.89 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 89.240.178.107.bc.googleusercontent.com

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.61.60.237 (Miami, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-61-60-237.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.158.154 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-158-154.compute-1.amazonaws.com

exchange.adstanding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.147.92.12 (Ashburn, United States)

ASN14777 (YAHOO, US)
PTR: e2.ycpi.vip.dca.yahoo.com

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	td.com 3 redirects easyweb.td.com — Cisco Umbrella Rank: 223570 authentication.td.com — Cisco Umbrella Rank: 114559 www.wcmcaas.td.com — Cisco Umbrella Rank: 132309 bcdn.td.com — Cisco Umbrella Rank: 446585 tmx.td.com — Cisco Umbrella Rank: 121400 smetrics.td.com — Cisco Umbrella Rank: 47024	1 MB
20	everesttech.net 14 redirects cm.everesttech.net — Cisco Umbrella Rank: 1318 pixel.everesttech.net — Cisco Umbrella Rank: 5480	9 KB
19	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 242 td.demdex.net — Cisco Umbrella Rank: 36173	21 KB
12	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	2 KB
10	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3727 data.privacy.ensighten.com — Cisco Umbrella Rank: 9516	134 KB
8	google.com analytics.google.com — Cisco Umbrella Rank: 178 www.google.com — Cisco Umbrella Rank: 2	1015 B
6	lytics.io c.lytics.io — Cisco Umbrella Rank: 11489	50 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	415 KB
6	adnxs.com 1 redirects acdn.adnxs.com — Cisco Umbrella Rank: 663 ib.adnxs.com — Cisco Umbrella Rank: 261	55 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
4	google.ca www.google.ca — Cisco Umbrella Rank: 9740	729 B
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 328	2 KB
3	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1469 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363 ads.yahoo.com — Cisco Umbrella Rank: 8057	805 B
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3097 i8n5h0pwuxfod7c7y6h3gsba2wtotrai2ukxd7pk60a7b55031296279sac.d.aa.online-metrix.net	16 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 2007	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 985 s.tribalfusion.com — Cisco Umbrella Rank: 2451	920 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 521	1 KB
1	adstanding.com 1 redirects exchange.adstanding.com — Cisco Umbrella Rank: 223267	169 B
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2678	321 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 2219	406 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 257	636 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 929	495 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 869	393 B
1	33across.com 1 redirects dp2.33across.com — Cisco Umbrella Rank: 13177	501 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 504	719 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1371	697 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 587	636 B
141	28

	Domain	Requested by
26	authentication.td.com	2 redirects authentication.td.com
18	dpm.demdex.net	2 redirects
13	tmx.td.com	authentication.td.com tmx.td.com
12	pixel.everesttech.net	6 redirects
8	cm.g.doubleclick.net	8 redirects
8	cm.everesttech.net	8 redirects
6	analytics.google.com	nexus.ensighten.com
6	c.lytics.io	nexus.ensighten.com
6	www.googletagmanager.com	nexus.ensighten.com
6	nexus.ensighten.com	authentication.td.com nexus.ensighten.com
5	www.google-analytics.com	nexus.ensighten.com authentication.td.com
4	www.google.ca
4	stats.g.doubleclick.net	nexus.ensighten.com authentication.td.com
4	data.privacy.ensighten.com
4	ib.adnxs.com	1 redirects authentication.td.com acdn.adnxs.com
3	s.amazon-adsystem.com	2 redirects
2	px.owneriq.net	2 redirects
2	www.google.com
2	pixel.tapad.com	2 redirects
2	h.online-metrix.net	tmx.td.com
2	smetrics.td.com	authentication.td.com nexus.ensighten.com
2	acdn.adnxs.com	authentication.td.com nexus.ensighten.com
2	www.wcmcaas.td.com	authentication.td.com
1	ads.yahoo.com
1	exchange.adstanding.com	1 redirects
1	fei.pro-market.net	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	ml314.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	c.bing.com	1 redirects
1	cms.quantserve.com	1 redirects
1	analytics.twitter.com
1	dp2.33across.com	1 redirects
1	token.rubiconproject.com
1	www.facebook.com
1	sync.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	i8n5h0pwuxfod7c7y6h3gsba2wtotrai2ukxd7pk60a7b55031296279sac.d.aa.online-metrix.net
1	td.demdex.net	nexus.ensighten.com
1	bcdn.td.com	authentication.td.com
1	easyweb.td.com	1 redirects
141	43

This site contains links to these domains. Also see Links.

Domain
www.td.com
www.tdcanadatrust.com
www.tdbank.com
www.tdcommercialbanking.com
easyweb.td.com
webbroker.td.com
td.intelliresponse.com
twitter.com
facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
authentication.td.com Entrust Certification Authority - L1M	`2022-12-28` - `2023-12-28`	a year	crt.sh
www.wcmcaas.td.com Entrust Certification Authority - L1M	`2023-06-01` - `2024-05-31`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
nexus.ensighten.com Amazon RSA 2048 M02	`2023-09-29` - `2024-10-27`	a year	crt.sh
bcdn.td.com Entrust Certification Authority - L1K	`2023-04-14` - `2024-05-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
tmx.td.com Entrust Certification Authority - L1K	`2023-04-10` - `2024-05-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.privacy.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-02-16`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
smetrics.td.com Entrust Certification Authority - L1M	`2023-09-13` - `2024-10-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.d.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-03-03` - `2024-03-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Frame ID: 39C218F456037F08B89F030D2AB47FE0
Requests: 79 HTTP requests in this frame

Frame: https://tmx.td.com/RXuELc9lysygvUEQ?fc26e4b73f223181=SCjHawfRLAO677o38NqORYkG9hV81ppchA-Cejvi9CHMZ_sQ2urWgJJ2SD6iv0IRcVuEKTuOku3lEGpmmEcfUiXNXgnBgu_P8sZbQFLL6pwyT64zJ7kAk-rR45TKaIWYx5yahY3QDNJNEmbzMIhevY-Iaf2bfdiTPp-iMGW81ROdShv4NTfX1ty_9s4MDlgFy15-2SfEH3P35Q7d98JdDiDDZsKn&jb=3d3b2e2662736f753555696c6667777326687b673f576966646d75732730303332266a7b6a77354360726f6d6d246a7160354368726d656d27323039313a
Frame ID: 68A7F0728F0B9B28410CFE1482FBE7EA
Requests: 30 HTTP requests in this frame

Frame: https://td.demdex.net/dest5.html?d_nsid=0
Frame ID: 31FB364BD4F8C52D77CF13238A84AF31
Requests: 26 HTTP requests in this frame

Frame: https://h.online-metrix.net/kxSiwvvb3BtGDeQs?6b5da59c26aed77f=7vkOqBMPWGNDamt7dXrtpw8U8OyenS-YX-R2je0t4sTbBmjSao6ACtseogzZPTxnikXRsRIARI7xRepDYARV5QAlFynxM9nvq1eknwFhBbA-8TrnEFebfIEEHEg7Sn2919GVAxM8SHo31AQK4IjWPbsUbvPHGTwoFMXyzRAyxauky9hL1IuIrCT2edbpVJGwDbJPXRmeWhhycpPD7WpRtMUgZTNDIjS0
Frame ID: 3D87EACD3CBAC96E1C485FE58BFBA41C
Requests: 2 HTTP requests in this frame

Frame: https://tmx.td.com/D2gZymgVXpZLHtHu?ec5c7e84e6b6721c=WgYeSwW3F970Jn04JbfZt2Ny25Zwtx7H_2lX4O71-ZqI2n38pEJNvZPbzyskMpHfI0EM5TmCWT9R1fY4HZqjNAttybsktMtck9Jj4KxkYSy6rBVCFMuhWUsd-NdEwBAsr4suiG_3dqtzS1e51fXeSpj-AQSRyz1AgwBmsMFX6nWnnW8NivchpcWAcsYNYvJJBreu-Cn304UPKvIkv0l8jtGqq7Nv6HVy
Frame ID: 5227D8876BCD89D2DC1D99FE2FB358D7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 18EEFB3F5D34E8D009B823F810B62BC9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EasyWeb Login

Page URL History Show full URLs

https://easyweb.td.com/waw/ezw/webbanking HTTP 302
https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA&goto=https%3A%2F%2Feasyweb.t... HTTP 302
https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA HTTP 302
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

141
Requests

69 %
HTTPS

0 %
IPv6

28
Domains

43
Subdomains

27
IPs

2
Countries

2000 kB
Transfer

6618 kB
Size

62
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://www.td.com/ca/en/personal-banking
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/small-business/smallbusiness-index.jsp
Title: Business

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/products-services/investing-at-td/index.jsp
Title: Investing

Search URL Search Domain Scan URL

URL: http://www.tdbank.com/
Title: United States

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/my-accounts/
Title: My Accounts

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/products/bank-accounts/
Title: Bank Accounts

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/products/credit-cards/
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/banking/mortgages.jsp
Title: Mortgages

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/borrowing/loans-lines-of-credit/index.jsp
Title: Borrowing

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/investing/goals_index.jsp
Title: Saving & Investing

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/insurance/insurance-index.jsp
Title: Insurance

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/banking/apply-index.jsp
Title: All Products

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/small-business/smallbusiness-index_1.jsp
Title: Small Businesses

Search URL Search Domain Scan URL

URL: https://www.tdcommercialbanking.com/home/index.jsp
Title: Commercial Banking

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/banking/student-advice/student-banking.jsp
Title: Students

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/planning/life-events/new-to-canada/index.jsp
Title: New to Canada

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/banking/cross-border-banking/index.jsp
Title: Cross Border Banking

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/banking/foreign-currency-services/index.jsp
Title: Foreign Exchange Services

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/banking/electronic-banking/payandsendmoney.jsp
Title: Ways to Pay

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/banking/electronic-banking/index.jsp
Title: Ways to Bank

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/banking/green-banking/index.jsp
Title: Green Banking

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/branch-locator/
Title: Find Us

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/help-centre/
Title: Help

Search URL Search Domain Scan URL

URL: https://easyweb.td.com/
Title: EasyWeb

Search URL Search Domain Scan URL

URL: https://webbroker.td.com/
Title: WebBroker

Search URL Search Domain Scan URL

URL: https://www.tdbank.com/net/accountlogin.aspx
Title: U.S. Banking

Search URL Search Domain Scan URL

URL: https://www.td.com/about-tdbfg/our-business/index.jsp
Title: About TD

Search URL Search Domain Scan URL

URL: http://www.tdcanadatrust.com/products-services/banking/electronic-banking/access-card-security/guarantee.jsp
Title: You are protected

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/get-started/
Title: Register online now

Search URL Search Domain Scan URL

URL: http://td.intelliresponse.com/login/
Title: Get Login Help

Search URL Search Domain Scan URL

URL: https://td.intelliresponse.com/cbaw/index.jsp?interfaceID=17&requestType=TopQuestionsRequest&TopTenCategoryName=Two-Step+Verification
Title: Two-Step Verification FAQs

Search URL Search Domain Scan URL

URL: https://www.td.com/privacy-and-security/privacy-and-security/how-we-protect-you/online-security/2fa.jsp
Title: TD Authenticate app: Securely log in from anywhere in the world without texts or phone calls.

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/about-td/privacy-and-security/how-you-can-protect-yourself/protect-yourself/types-of-fraud-and-scams
Title: Improve Your Protection Against Online Fraud

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/solutions/ways-to-bank/?tdtab=digital-banking
Title: Take banking and investing almost anywhere

Search URL Search Domain Scan URL

URL: https://www.td.com/content/dam/tdct/document/pdf/personal-banking/tdct-accounts-fst-en.pdf
Title: Financial Services Terms

Search URL Search Domain Scan URL

URL: https://www.td.com/content/dam/tdct/document/pdf/aa-eng.pdf
Title: Access Agreement

Search URL Search Domain Scan URL

URL: https://www.td.com/content/dam/tdct/document/pdf/dba-eng.pdf
Title: Digital Banking Agreement

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/easyweb5/help/banking/acc00151.htm
Title: Business Access Services Schedule

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/investing/mutual-funds/webfundcond.jsp
Title: Terms and Agreement

Search URL Search Domain Scan URL

URL: https://www.td.com/to-our-customers/#TD_Asset_Management
Title: Disclosure

Search URL Search Domain Scan URL

URL: https://www.td.com/ca/en/personal-banking/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://twitter.com/td_canada
Title: FOOTER.TWITTER

Search URL Search Domain Scan URL

URL: https://facebook.com/tdbankgroup/
Title: FOOTER.FACEBOOK

Search URL Search Domain Scan URL

URL: https://www.instagram.com/TD_Canada/
Title: FOOTER.INSTAGRAM

Search URL Search Domain Scan URL

URL: https://www.youtube.com/tdcanada
Title: FOOTER.YOUTUBE

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/td
Title: FOOTER.LINKEDIN

Search URL Search Domain Scan URL

URL: https://www.td.com/privacy-and-security/privacy-and-security/index.jsp
Title: Privacy and Security

Search URL Search Domain Scan URL

URL: https://www.td.com/to-our-customers/
Title: Legal

Search URL Search Domain Scan URL

URL: http://www.tdcanadatrust.com/customer-service/accessibility/accessibility-at-td/index.jsp
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.tdcanadatrust.com/products-services/index.jsp
Title: CDIC member

Search URL Search Domain Scan URL

URL: https://www.td.com/careers/why-td/index.jsp
Title: We're Hiring

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://easyweb.td.com/waw/ezw/webbanking HTTP 302
https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA&goto=https%3A%2F%2Feasyweb.td.com%2Fwaw%2Fezw%2Fwebbanking&level=4 HTTP 302
https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA HTTP 302
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1697655052006 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1697655052006

Request Chain 51

https://cm.everesttech.net/cm/dd?d_uuid=64866008341005129681299456859120744030 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZTApDAAAAHn5tgN2

Request Chain 88

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=64866008341005129681299456859120744030 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=212560604673011338506

Request Chain 89

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=64866008341005129681299456859120744030&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d64866008341005129681299456859120744030 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=1a156530-290d-4800-a5b3-866c757c3888&ddsuuid=64866008341005129681299456859120744030

Request Chain 94

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1783857810292825748

Request Chain 97

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=64866008341005129681299456859120744030 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=64866008341005129681299456859120744030 HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=b1222b6c-b59a-4c3f-841a-312a48c6e89b

Request Chain 105

https://dp2.33across.com/ps/?pid=897&random=104980850 HTTP 302
https://dpm.demdex.net/ibs:dpid=601&dpuuid=212206629217109&random=1697655053

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQ4NjYwMDgzNDEwMDUxMjk2ODEyOTk0NTY4NTkxMjA3NDQwMzA= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjQ4NjYwMDgzNDEwMDUxMjk2ODEyOTk0NTY4NTkxMjA3NDQwMzA=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEON_znDbKaiovbFqWbyeysk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 113

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEFUvs_m-XkdvsPBG83FNu74&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 114

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFUvs_m-XkdvsPBG83FNu74&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 115

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEFUvs_m-XkdvsPBG83FNu74&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 116

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEFUvs_m-XkdvsPBG83FNu74&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 120

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFUvs_m-XkdvsPBG83FNu74&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 121

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=nF65zphSupuHU77Img-nyZte78eHWLzLnF_5JCWX

Request Chain 124

https://c.bing.com/c.gif?uid=64866008341005129681299456859120744030&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1440AA34BF8E62C73CA4B99ABEA46366

Request Chain 125

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEFUvs_m-XkdvsPBG83FNu74&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 127

https://a.tribalfusion.com/i.match?p=b13&u=64866008341005129681299456859120744030&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=64866008341005129681299456859120744030&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 130

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3639310649068093506

Request Chain 131

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=64866008341005129681299456859120744030&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=64866008341005129681299456859120744030&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-xG741uxE2pEFpQrGJ6sTkPLbYYezd3rxbh8-~A

Request Chain 132

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=64866008341005129681299456859120744030 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-1137379141783501714

Request Chain 133

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7509414551903271977&uid=Q7509414551903271977&ref=%2Feucm%2Fp%2Fadpq HTTP 302
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7509414551903271977

Request Chain 134

https://exchange.adstanding.com/partners/aam/sync.php HTTP 302
https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Request Chain 135

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZTApDAAAAHn5tgN2&sigv=1&esig=1~a36aa12c22f76575d0272307b6357a804f884296

Request Chain 136

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=8xzTR3E3QwycjUezgHBWdQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64866008341005129681299456859120744030

141 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
authentication.td.com/uap-ui/
Redirect Chain

https://easyweb.td.com/waw/ezw/webbanking
https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA&goto=https%3A%2F%2Feasyweb.td.com%2Fwaw%2Fezw%2Fwebbanking&level=4
https://authentication.td.com/uap-ui/index.html?consumer=easyweb&locale=en_CA
https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA

2 KB
2 KB

161ms
97ms

Document
text/html

23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

889f1af6a366c47d395090ef9a561a6e22374eda9257fb17ebe04d3a8e91edb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Language: en-CA
Content-Length: 1000
Content-Type: text/html;charset=UTF-8
Date: Wed, 18 Oct 2023 18:50:50 GMT
Expires: Wed, 18 Oct 2023 18:50:50 GMT
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=86400
Vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Language: en-CA
Content-Type: text/html;charset=UTF-8
Date: Wed, 18 Oct 2023 18:50:50 GMT
Expires: Wed, 18 Oct 2023 18:50:50 GMT
Location: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=86400
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK td_common_153.js Show response
authentication.td.com/waw/idp/js/ 302 KB
173 KB 132ms
131ms Script
application/javascript 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/waw/idp/js/td_common_153.js

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

ac1b49fbc07bc213a11a155a4291f333ea63cf313a48c31db0b73bc612ba08e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Ion-Hop: 1
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive, Transfer-Encoding
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK styles.de6c1fb9bd284112ed21.css
authentication.td.com/uap-ui/ 312 KB
49 KB 169ms
104ms Stylesheet
text/css 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0e3e1391e6b001a1c6e90172499a7f04c875c36810be81a7954bc229ce3994ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Last-Modified: Fri, 06 Oct 2023 19:31:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=32243
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49775
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK runtime-es2015.e748bfeb478370a35d92.js Show response
authentication.td.com/uap-ui/ 1 KB
1 KB 119ms
54ms Script
application/javascript 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/runtime-es2015.e748bfeb478370a35d92.js

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Origin: https://authentication.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Last-Modified: Thu, 05 Oct 2023 04:54:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=24964
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 719
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK polyfills-es2015.965da94d3645816204ff.js Show response
authentication.td.com/uap-ui/ 162 KB
55 KB 113ms
46ms Script
application/javascript 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/polyfills-es2015.965da94d3645816204ff.js

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8263dca9319e99b14190a28a9e19654949ae5fc7805a9ff211a8e2b0e8fcd45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Origin: https://authentication.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Last-Modified: Wed, 04 Oct 2023 02:16:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=32790
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55542
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK scripts.13cd3f9c93f86b02bd4f.js Show response
authentication.td.com/uap-ui/ 214 KB
68 KB 43ms
42ms Script
application/javascript 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/scripts.13cd3f9c93f86b02bd4f.js

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e409d5c97689db8631775a5d9d7156e7d41abb34ff20b8aa3512e08f66054c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Last-Modified: Wed, 04 Oct 2023 10:51:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=32838
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69288
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main-es2015.4fcfeb3aefde5b989f61.js Show response
authentication.td.com/uap-ui/ 2 MB
427 KB 114ms
46ms Script
application/javascript 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/main-es2015.4fcfeb3aefde5b989f61.js

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f706cbdcf3c225f1a1fc2f3430c8842ccf694db18ce85c92edacb4fc0684f6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Origin: https://authentication.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Last-Modified: Tue, 03 Oct 2023 21:31:37 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=21719
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 436738
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK weblysleekuisl-webfont.66604a205b26ae0393b2.woff2
authentication.td.com/uap-ui/ 21 KB
21 KB 93ms
93ms Font
application/font-woff2 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/weblysleekuisl-webfont.66604a205b26ae0393b2.woff2

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css
Origin: https://authentication.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Oct 2023 09:44:25 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21472
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK i18n-en-ca.json Show response
authentication.td.com/uap-ui/translations/cacheable/easyweb/ 124 KB
29 KB 234ms
234ms XHR
application/json 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/translations/cacheable/easyweb/i18n-en-ca.json

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c226c588db26cba9f39ec78e1d536231426c5cc938671c54c9f7bb64ccf67991

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Server: Apache
ETag: "01a19f96653a9242224a2204cc6de001f"
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 29171
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK transfer-configuration Show response
authentication.td.com/uap-ui/ 569 B
1006 B 94ms
94ms XHR
application/json 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/transfer-configuration

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c397ee0241d56c708684246428160ede8a16276eb3c85ee8c90518168b42de64

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: application/json
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 569
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK generic-config Show response
authentication.td.com/waw/idp/authn/v1/ 896 B
968 B 66ms
66ms XHR
application/json 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/waw/idp/authn/v1/generic-config

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c6be5de48e29c88eecdf1ceeb1e79af23f88462c7e3df7fff59119dd27a60d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Server: Apache
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 469
X-XSS-Protection: 1; mode=block
Clone-ID: BB2
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK oidc-config Show response
authentication.td.com/waw/idp/authn/v1/ 2 B
579 B 156ms
156ms XHR
application/json 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/waw/idp/authn/v1/oidc-config

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: application/json
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 2
X-XSS-Protection: 1; mode=block
Clone-ID: BB2
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK remember-me Show response
authentication.td.com/waw/idp/authn/v1/ 27 B
478 B 129ms
129ms XHR
application/json 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/waw/idp/authn/v1/remember-me

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d49999a1317ad5863acc07dde1aa5f1282440ee94aa27a926dd740fa2ae58758

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: application/json
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 27
X-XSS-Protection: 1; mode=block
Clone-ID: BB2
Expires: Wed, 18 Oct 2023 18:50:51 GMT

OPTIONS
H2 200 getEmsContent
www.wcmcaas.td.com/api/ca/em-msg//en/EW_UAP/1/ Frame 0
0 178ms
90ms Preflight
text/html 23.205.106.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wcmcaas.td.com/api/ca/em-msg//en/EW_UAP/1/getEmsContent

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.82 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-82.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,domainname
Access-Control-Request-Method: GET
Origin: https://authentication.td.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-headers: accept-language, content-type, domainname
access-control-allow-origin: *
cache-control: max-age=600
content-length: 489
content-type: text/html; charset=iso-8859-1
date: Wed, 18 Oct 2023 18:50:51 GMT
server: Apache
strict-transport-security: max-age=86400
x-dispatcher: dispatcher2canadacentral
x-vhost: caas-publish

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 102 KB
35 KB 57ms
18ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/main-es2015.4fcfeb3aefde5b989f61.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2462fd4e9d1d45842a17f6d320799cc84e6fcba03515c4a8eae9abc2bb93f219

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Expires: Wed, 20 Sep 2023 14:13:27 GMT
Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 16588
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 35056
X-Served-By: cache-lga21942-LGA, cache-yyz4582-YYZ
Last-Modified: Tue, 19 Sep 2023 14:11:16 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1697655052.502946,VS0,VE0
ETag: W/"6509ac04-19874"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 17967, 4013

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/tdb/uap-prod/ 450 KB
97 KB 397ms
41ms Script
application/javascript 3.162.103.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Requested by: Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/main-es2015.4fcfeb3aefde5b989f61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.103.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-116.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2a2d9a0b4d3771cc1e990ad2ae20b41922608f382d4a5c21703dee7739b42007

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 16:01:16 GMT
x-amz-version-id: px5UsMgYAkFbo3bVrpE35JXS0mUfLl8J
content-encoding: br
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P1
age: 1910976
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Sep 2023 16:00:37 GMT
server: CloudFront
etag: W/"338cda10513253f66d171f503470cf83"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: tn0xJWfI0LubPoWTHyH4HldvMXWcP-BHIw74czAowX8uoMX-Mfnm1g==

GET
H2 200 dfb31537.js Show response
bcdn.td.com/scripts/dfb31537/ 438 KB
100 KB 436ms
49ms Script
application/javascript 99.84.191.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcdn.td.com/scripts/dfb31537/dfb31537.js
Requested by: Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/main-es2015.4fcfeb3aefde5b989f61.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.191.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-191-50.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 370ae50d75ba8ae403a867926831e9dba2cd6f078e2d1424e13f7c778cd40a0c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 c37f72766931ae9c3f146ffa54018d1c.cloudfront.net (CloudFront)
date: Wed, 18 Oct 2023 05:58:28 GMT
last-modified: Thu, 05 Sep 2019 12:10:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C2
age: 46386
etag: "7012843ee1c67ec33ff7864d165ea40b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 102227
x-amz-cf-id: 9BzV5kHbmJyPsk0vAIARWP4YYjR6TmDJdB4Idb_xdeHAKJlmwC43qw==

GET
H/1.1 200
OK getting_started_uap.tpl.html Show response
authentication.td.com/uap-ui/fragments/cacheable/easyweb/ 9 KB
2 KB 129ms
129ms XHR
text/html 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/fragments/cacheable/easyweb/getting_started_uap.tpl.html

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b003829e27c2fae081e1568a2cf86d0d65e6f2549c13ffd3ec394589e1bbfe69

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Server: Apache
ETag: "077732f6e10257169cac58fe989de1d15"
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1488
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK legal_uap.tpl.html Show response
authentication.td.com/uap-ui/fragments/cacheable/easyweb/ 2 KB
901 B 87ms
78ms XHR
text/html 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/fragments/cacheable/easyweb/legal_uap.tpl.html

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a73ab71c9ffb7850a1b0e8f74ff8e1d911a6d52bfe4716da164667a8e2ba205d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Server: Apache
ETag: "05cd89d4c27ef01e0331a1fcde224d784"
Vary: Accept-Encoding
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 362
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H2 200 getEmsContent Show response
www.wcmcaas.td.com/api/ca/em-msg//en/EW_UAP/1/ 21 B
393 B 41ms
41ms XHR
application/json 23.205.106.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wcmcaas.td.com/api/ca/em-msg//en/EW_UAP/1/getEmsContent

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.82 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-82.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2f756735cc9373185086bec53761d4b488c2370a96fc3bec1b63acc4fb3c0d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

x-dispatcher: dispatcher1canadacentral
date: Wed, 18 Oct 2023 18:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400
x-vhost: caas-publish
content-length: 41
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Oct 2023 04:54:19 GMT
server: Apache
etag: "15-607f66ea3be2b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=226
accept-ranges: bytes
access-control-allow-headers: accept-language, content-type, domainname

GET
H/1.1 200
OK footer_seat.png
authentication.td.com/uap-ui/assets/img/ 154 KB
154 KB 97ms
54ms Image
image/png 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.td.com/uap-ui/assets/img/footer_seat.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2e3f935ac779b7440c7ce9981857ed58156acf3c0c4e65bac733b31210f6fb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Oct 2023 00:28:35 GMT
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157576
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icons.4a4e4163bc508eee5cec.woff2
authentication.td.com/uap-ui/ 48 KB
48 KB 134ms
99ms Font
application/font-woff2 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/icons.4a4e4163bc508eee5cec.woff2?7x0g4p

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

90400b04843bd9ff25ca2b1864b794caf7f50dfd1171707339ab9c0cf63c78c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css
Origin: https://authentication.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Oct 2023 09:44:25 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48892
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK weblysleekuil-webfont.6755d12c56285cf53676.woff2
authentication.td.com/uap-ui/ 18 KB
19 KB 123ms
88ms Font
application/font-woff2 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/weblysleekuil-webfont.6755d12c56285cf53676.woff2

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7f8f92a1913474ebb54f27bb9a908eb8006c76665ed14ed7ebea958b661b4b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css
Origin: https://authentication.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Oct 2023 09:44:25 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18916
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK country_ca.png
authentication.td.com/uap-ui/assets/img/ 228 B
616 B 79ms
40ms Image
image/png 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.td.com/uap-ui/assets/img/country_ca.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0373017fc21c582e0897f8f97d648ccc9fbd188a315b74940a86cbfdb4f361fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Oct 2023 14:20:13 GMT
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK country_us.png
authentication.td.com/uap-ui/assets/img/ 156 B
544 B 50ms
50ms Image
image/png 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.td.com/uap-ui/assets/img/country_us.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d6b16b0f2068f7256c58f598770ae2ab34dfa4a4add0316fdd5057b1953a408c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Oct 2023 17:02:20 GMT
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK td-logo.png
authentication.td.com/uap-ui/assets/img/ 3 KB
3 KB 96ms
38ms Image
image/png 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.td.com/uap-ui/assets/img/td-logo.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e9682e19c129f7675bf49c78b22a6fb88b0d7fe6442cb6f3e2b555b5e94bb3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Oct 2023 01:22:11 GMT
Server: Apache
Content-Type: image/png
X-Cnection: close
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3175
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK showPassword.svg
authentication.td.com/uap-ui/assets/img/ 1 KB
1 KB 265ms
186ms Image
image/svg+xml 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.td.com/uap-ui/assets/img/showPassword.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

508400ff2ebc9f130357060828e64c32f9624fda3aad29452eb7c99d172b614a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=86400
Last-Modified: Wed, 18 Oct 2023 09:44:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 679
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK tmx-config Show response
authentication.td.com/waw/idp/authn/v1/ 188 B
640 B 96ms
94ms XHR
application/json 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/waw/idp/authn/v1/tmx-config

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f15f7f5a4a785a47d30ca214b48a92cfcdf48c358e7fa0c497210325be80fac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

domainName: easyweb
Accept: application/json, text/plain, */*
Referer: https://authentication.td.com/uap-ui/?consumer=easyweb&locale=en_CA
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: application/json
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 188
X-XSS-Protection: 1; mode=block
Clone-ID: BB2
Expires: Wed, 18 Oct 2023 18:50:51 GMT

POST
H2 200 v3 Show response
ib.adnxs.com/ut/ 166 B
985 B 125ms
53ms XHR
application/json 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 Fairfield, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8417f8caa9ff0ecac62cfacf56ca432546c2cd3e004cef3e1f65f3e201cb5a93

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://authentication.td.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:51 GMT
an-x-request-uuid: 4c717f97-9285-4cc5-9f6f-477d50ecb87f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://authentication.td.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 86.48.14.155; 86.48.14.155; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 166
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK TDGraphik-Light-Web.ac32324d8d2bb0cdec57.woff2
authentication.td.com/uap-ui/ 37 KB
37 KB 117ms
117ms Font
application/font-woff2 23.205.106.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.td.com/uap-ui/TDGraphik-Light-Web.ac32324d8d2bb0cdec57.woff2

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.89 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-89.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

43ad095f34da8d8d17e1aa49feec927460e0f3cd1d58448164d2f65c19477f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/uap-ui/styles.de6c1fb9bd284112ed21.css
Origin: https://authentication.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
Last-Modified: Wed, 18 Oct 2023 09:44:25 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37564
X-XSS-Protection: 1; mode=block
Expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H/1.1 200
OK xvo4f3otxpssf2v0.js Show response
tmx.td.com/ 95 KB
14 KB 260ms
85ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://tmx.td.com/xvo4f3otxpssf2v0.js?a0g5xwv0uoeetc8w=i8n5h0pw&p5a4249bbaswlslz=86818055-74b2-4a56-92dd-57f02ce3c559

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/uap-ui/scripts.13cd3f9c93f86b02bd4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

88e583f9872191a9b331874a56f9ec0bf5d3ebfd451dc50e66b9d722eb6538b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 5a8ec9c2-e2f3-4741-a9db-dfc4b1e053bf
https://authentication.td.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/5a8ec9c2-e2f3-4741-a9db-dfc4b1e053bf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1697655052006
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1697655052006

5 KB
2 KB

41ms
41ms

XHR
application/json

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1697655052006

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

2f91556c9c3dc00e2fe74f096c80b926145f3448e9f5c580a362fe055c862df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v051-0e16aa26e.edge-va6.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: y0PMPs2tRf8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://authentication.td.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1550
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-2-v051-0adb51928.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 96Im7CdJSaA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://authentication.td.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1697655052006
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 118ms
46ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6835781

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b5e69e1c4a7e365ab5e64866584897927d7246898440e6a942fdf1da98739da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66658
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
274 B 35ms
34ms Image
text/plain 3.162.103.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27getCookie%27)&lnn=-1&fn=&cid=822&client=tdb&publishPath=uap-prod&rid=-1&did=-1&errorName=TypeError
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.103.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-116.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 06:45:09 GMT
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD61-P1
age: 43543
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OMnHlg_jZp-AKslkKi1iirp639TeHNyX3pHJ3bEDWecUNQtZVcKKpA==

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
107 B 117ms
35ms Image
text/plain 3.232.15.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=0&c=822&i=6t2dfu&p=uap-prod&s=330&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjQUAPAhY2xpZW50SWQiOjgyMiwicHVibGlzaFBhdGgiOiJ1YXAtcHJvZCIsImluc3RhbmNlKgDxUiI2dDJkZnUiLCJwYWNrZXQiOjAsIm1vZGUiOiJlbmZvcmNlIiwiY29va2llcyI6e30sImVudmlyb25tZW50IjoiVERDVC1FTiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdGm2AGAiLCJ0eXBUAPAPYmlsbGluZyIsInN0YXJ0IjoxNjk3NjU1MDUyMDI0XQCgZCI6LTEsInNvdXwAIjoiKwBBdHVzIgwA9AhyZWFzb25zIjpbXSwiZGF0YVBhdHRlchIAQmxpc3QcACJpZF0AwDY1NTA1MjAyNH1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.232.15.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-15-196.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:52 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
274 B 35ms
34ms Image
text/plain 3.162.103.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=gtag%20is%20not%20defined&lnn=-1&fn=&cid=822&client=tdb&publishPath=uap-prod&rid=3908453&did=517891&errorName=ReferenceError
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.103.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-116.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 06:45:09 GMT
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD61-P1
age: 43543
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JvJB49199x_Ol2H3T4zOCkxCrbnuegNnD9UGGP3MhBqVa_bllhVnLQ==

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
273 B 35ms
35ms Image
text/plain 3.162.103.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=s%20is%20not%20defined&lnn=-1&fn=&cid=822&client=tdb&publishPath=uap-prod&rid=-1&did=-1&errorName=ReferenceError
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.103.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-116.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 06:45:09 GMT
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD61-P1
age: 43543
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ifj7zg5xBqYskmgIPScv4K0teup27OK-smtJlZBzeXt5f5z0tQBqow==

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/tdb/uap-prod/ 278 B
609 B 44ms
44ms Script
text/javascript 3.162.103.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/uap-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/tdb/uap-prod/code/&publishedOn=Tue%20Sep%2026%2016:00:35%20GMT%202023&ClientID=822&PageID=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA%23%2Fuap%2Flogin
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.103.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-116.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: 45e04ac11dbb5d37c94fb67f908a63c5ffbd2a11cdeff767802b344398325b5f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:52 GMT
via: 1.1 9bba1485ff47cf63bc393925f38d12fc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD61-P1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
content-length: 278
x-amz-cf-id: _n-m2D5eUmEotFW-Agkr41w1xvH7kFZpnn5uyZogHeRxQB7d7-JAow==
expires: Wed, 18 Oct 2023 18:50:51 GMT

GET
BLOB 200
OK 397749a2-b005-4cad-92f2-10fcfec8ba0b
https://authentication.td.com/ 140 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/397749a2-b005-4cad-92f2-10fcfec8ba0b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bc95592b3df2c22a415a38d394b52e9d97d5ba18c9e5b0f8205ada72fbe1923

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 143803
Content-Type: application/javascript

GET
H/1.1 200
OK RXuELc9lysygvUEQ Show response
tmx.td.com/ Frame 68A7 313 KB
51 KB 93ms
92ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://tmx.td.com/RXuELc9lysygvUEQ?fc26e4b73f223181=SCjHawfRLAO677o38NqORYkG9hV81ppchA-Cejvi9CHMZ_sQ2urWgJJ2SD6iv0IRcVuEKTuOku3lEGpmmEcfUiXNXgnBgu_P8sZbQFLL6pwyT64zJ7kAk-rR45TKaIWYx5yahY3QDNJNEmbzMIhevY-Iaf2bfdiTPp-iMGW81ROdShv4NTfX1ty_9s4MDlgFy15-2SfEH3P35Q7d98JdDiDDZsKn&jb=3d3b2e2662736f753555696c6667777326687b673f576966646d75732730303332266a7b6a77354360726f6d6d246a7160354368726d656d27323039313a

Requested by

Host: tmx.td.com
URL: https://tmx.td.com/xvo4f3otxpssf2v0.js?a0g5xwv0uoeetc8w=i8n5h0pw&p5a4249bbaswlslz=86818055-74b2-4a56-92dd-57f02ce3c559

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

532d3519198622825fac06bc59dabf3941241fe3db330c2fec55b827f09990aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 60a7b55031296279
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK AzbMZhZeExASrkf9
tmx.td.com/ Frame 68A7 81 B
475 B 239ms
79ms Image
image/png 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tmx.td.com/AzbMZhZeExASrkf9?42a4395f6cdac2a3=ewaflmywc8DxRFnHySmqmkA2wvFk4NChOgpvQ-oZstVJ2-B1dyU5NjDmbCfziC_HzbHN9T4pf2H61PVrp8NlBMA4Cjuq1LbwWKZaQ7xU0zHMM9S-thzcVYXMdG2A1sWUgsKsqhJAo-_95CaxTewagZu2ZKjUDYQH6aMGrquKv2CtilvXLwA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 5XoyBZKDN_H2oKj9
tmx.td.com/ Frame 68A7 81 B
475 B 244ms
82ms Image
image/png 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tmx.td.com/5XoyBZKDN_H2oKj9?5bdfe9eb0eb01f7e=gMLiq2NgSc40YD1XTbqVfr8nSZWkgCtVgQHTmxGKBEh9EkTnlGNQXn5xj0wDrtbwFu6eZumG4SBTsovyswBQ9khnZv100SFImw3KvrsAKcFzYgqawVLCRUFZhz4wAhh2WJisYP0FpcsO-JUOgI6gV-F5vqKe6mRxhl-2DIYWpisMg0smZYE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 51ms
50ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6868519&l=dataLayer&cx=c

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ab10514574cbb2ff92eb71016b2c14dee1eb5c34965bb823ced39a94ee2bd7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66621
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 127 KB
49 KB 44ms
44ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-196335417-1&l=dataLayer&cx=c

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

0eeb87bdba6df7b99990c1b3a9f6cd61f96bb0ba2311494c038c0a47e6591570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49881
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 59ms
59ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-196335417-7&l=dataLayer&cx=c

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2bafd59a69fa70ee382eefa0a5ec69c492d12493e2630f92b524171f0ba9b5bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64374
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
88 KB 68ms
67ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-31RJ2TXDZY&l=dataLayer&cx=c

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

398514ed4ea7cd2386d39868ffc498ab4ab318ef43b58650d1608d5dd343475f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90199
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 81ms
81ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-899CC1L385&l=dataLayer&cx=c

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3eaeb889294d9e53960e05e2e9d72166c4a1032695356b3cb3a4bcb4fa1a4ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
H3 200 9692b889dbf6a7ea59d5212efaa3268c.js Show response
nexus.ensighten.com/tdb/uap-prod/code/ 107 KB
36 KB 35ms
35ms Script
application/javascript 3.162.103.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/tdb/uap-prod/code/9692b889dbf6a7ea59d5212efaa3268c.js?conditionId0=423140
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 3.162.103.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-103-116.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6e74a861684834fdb30a4b69d4bd38e48e5fcf2ba4abccbd46bd073f0976423e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 13:36:14 GMT
x-amz-version-id: a3aBYSgrG9Vskgjz5z7i29J6mXx3P_NU
content-encoding: gzip
via: 1.1 e4938fc434947f57a79af6b9b403df6e.cloudfront.net (CloudFront)
age: 3993279
x-amz-cf-pop: IAD61-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jul 2023 18:49:45 GMT
server: CloudFront
etag: W/"e37206d2fa72ba867a9e67abe419ac15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: F9GY4dtuLFQO7Fg0pcgBP4jGFY9ua6j6MURFr7h3Ohp_6-NR087a3w==

GET
H/1.1 200
OK dest5.html Show response
td.demdex.net/ Frame 31FB 7 KB
3 KB 143ms
36ms Document
text/html 52.1.122.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://td.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.122.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-122-252.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://authentication.td.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-va6-1-v051-092df1381.edge-va6.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: om4DFAfkTOQ=
content-encoding: gzip
date: Wed, 18 Oct 2023 18:50:52 GMT
last-modified: Mon, 9 Oct 2023 09:23:27 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.td.com/ 48 B
460 B 226ms
142ms XHR
application/x-javascript 23.205.106.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.td.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=A783776A5245B1E50A490D44%40AdobeOrg&mid=65139350862331819461327353824832626796&ts=1697655052314

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.75 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-75.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

ca1257949386803b5327045028d8ccd63a1fb80e7627c8e55b2fa28c8113f3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:52 GMT
strict-transport-security: max-age=86400
x-content-type-options: nosniff
server: jag
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://authentication.td.com
p3p: CP="This is not a P3P policy"
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block
expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZTApDAAAAHn5tgN2
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=64866008341005129681299456859120744030
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZTApDAAAAHn5tgN2

42 B
940 B

38ms
38ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZTApDAAAAHn5tgN2

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v051-084efdc85.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ix+c908FSHo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZTApDAAAAHn5tgN2
Date: Wed, 18 Oct 2023 18:50:52 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/4d241117027984f3a7b3954ef3d9e9b9/ 66 KB
22 KB 1106ms
39ms Script
application/javascript 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/4d241117027984f3a7b3954ef3d9e9b9/latest.min.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c75bfb6a92b6ad0b8e55968c517daedeea73042b4a0e959a7d0a787cde0d797

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 18:13:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2242
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCmcLuZWY0LXYbRDhWr6OQebuWlJZE0l8QEEfRfFzJxrXO%2Ba7RvyiE3GC0Kti%2BVw5bNUf2Bg5cQkeloBJTW5lAWtk9mX5hajooQT2ELOnp%2FZyPmq%2F4rYtrXH5Rg3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 8182f833fdc0c47a-EWR

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1123ms
36ms Script
text/javascript 142.251.16.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Oct 2023 18:26:14 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 18 Oct 2023 20:26:14 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 118ms
44ms Ping
text/plain 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-31RJ2TXDZY&gtm=45je3ag0&_p=1536805549&_gaz=1&cid=243945480.1697655052&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&uid=&sid=1697655052&sct=1&seg=0&dl=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&dt=EasyWeb%20Login&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.debug_mode=true
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 369ms
44ms Ping
text/plain 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-31RJ2TXDZY&cid=243945480.1697655052&gtm=45je3ag0&aip=1
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 1152ms
54ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-31RJ2TXDZY&cid=243945480.1697655052&gtm=45je3ag0&aip=1&z=1060317908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 87ms
45ms Ping
text/plain 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-899CC1L385&gtm=45je3ag0&_p=1536805549&_gaz=1&cid=243945480.1697655052&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&uid=&sid=1697655052&sct=1&seg=0&dl=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&dt=EasyWeb%20Login&en=page_view&_fv=1&_ss=1&_ee=1&ep.debug_mode=true
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 337ms
44ms Ping
text/plain 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-899CC1L385&cid=243945480.1697655052&gtm=45je3ag0&aip=1
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
408 B 1112ms
47ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-899CC1L385&cid=243945480.1697655052&gtm=45je3ag0&aip=1&z=1951782052

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 65ms
45ms Ping
text/plain 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-31RJ2TXDZY&gtm=45je3ag0&_p=1536805549&cid=243945480.1697655052&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&uid=&dl=https%3A%2F%2F%2Fauthentication.td.com%2Fuap-ui%2Flogin%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&sid=1697655052&sct=1&seg=1&dt=EasyWeb%20Login&en=page_view&_ee=1&ep.debug_mode=true&ep.event_name=page_view&ep.authentication_status=not-authenticated&ep.client_id_google=GA%20ClientID%20Not%20Ready&ep.user_id_google_1=&ep.user_id_google=&ep.gclid=&ep.dclid=&ep.client_id_google_1=GA%20ClientID%20Not%20Ready&ep.site_language=ca-en&_et=3&up.UserId=&up.user_id_google_1=&up.client_id_google_1=GA%20ClientID%20Not%20Ready
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 44ms
44ms Ping
text/plain 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-899CC1L385&gtm=45je3ag0&_p=1536805549&cid=243945480.1697655052&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&uid=&dl=https%3A%2F%2F%2Fauthentication.td.com%2Fuap-ui%2Flogin%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&sid=1697655052&sct=1&seg=1&dt=EasyWeb%20Login&en=page_view&_ee=1&ep.debug_mode=true&ep.event_name=page_view&ep.authentication_status=not-authenticated&ep.client_id_google=GA%20ClientID%20Not%20Ready&ep.user_id_google_1=&ep.user_id_google=&ep.gclid=&ep.dclid=&ep.client_id_google_1=GA%20ClientID%20Not%20Ready&ep.site_language=ca-en&_et=4&up.UserId=&up.user_id_google_1=&up.client_id_google_1=GA%20ClientID%20Not%20Ready
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
tmx.td.com/fp/ Frame 68A7 81 B
537 B 248ms
83ms XHR
image/png 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://tmx.td.com/fp/clear.png

Requested by

Host: tmx.td.com
URL: https://tmx.td.com/RXuELc9lysygvUEQ?fc26e4b73f223181=SCjHawfRLAO677o38NqORYkG9hV81ppchA-Cejvi9CHMZ_sQ2urWgJJ2SD6iv0IRcVuEKTuOku3lEGpmmEcfUiXNXgnBgu_P8sZbQFLL6pwyT64zJ7kAk-rR45TKaIWYx5yahY3QDNJNEmbzMIhevY-Iaf2bfdiTPp-iMGW81ROdShv4NTfX1ty_9s4MDlgFy15-2SfEH3P35Q7d98JdDiDDZsKn&jb=3d3b2e2662736f753555696c6667777326687b673f576966646d75732730303332266a7b6a77354360726f6d6d246a7160354368726d656d27323039313a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, i8n5h0pw/60a7b5503129627986818055-74b2-4a56-92dd-57f02ce3c559
Referer: https://authentication.td.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:52 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 18 Oct 2023 18:50:52 GMT
Server: Apache
Etag: cb2f7986c8da420ab462d876be8f3376
Content-Type: image/png
Access-Control-Allow-Origin: https://authentication.td.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Mon, 16 Oct 2028 18:50:52 GMT

GET
H/1.1 204
No Content aTb5wVU3awSHK2qW Show response
tmx.td.com/ Frame 68A7 0
387 B 83ms
82ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK AiyvCQSHL7ETcVuC Show response
tmx.td.com/ Frame 68A7 134 B
654 B 81ms
80ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://tmx.td.com/AiyvCQSHL7ETcVuC?0c9ad43f8b0d472f=Us7jLHINE6z4KOl-miaOQhAlEC65DeXDt0Vb0HCSvTiwOz9_CE7TR92kEUcdV4_9LQdTwNFUAmyZNSWp16ge_ltKU_6o2-qgwbymFg5hM5l2vQGZlZVJoCS5U9gJmVuircR0Y6YC2TNG7Qjn8Nl8Bjwg3_D8VGt5RQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ae8dd97d122ea91c6559c332285745599586f9ceb955aa735c69e69b29cded14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK kxSiwvvb3BtGDeQs Show response
h.online-metrix.net/ Frame 3D87 103 KB
15 KB 256ms
85ms Document
text/html 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/kxSiwvvb3BtGDeQs?6b5da59c26aed77f=7vkOqBMPWGNDamt7dXrtpw8U8OyenS-YX-R2je0t4sTbBmjSao6ACtseogzZPTxnikXRsRIARI7xRepDYARV5QAlFynxM9nvq1eknwFhBbA-8TrnEFebfIEEHEg7Sn2919GVAxM8SHo31AQK4IjWPbsUbvPHGTwoFMXyzRAyxauky9hL1IuIrCT2edbpVJGwDbJPXRmeWhhycpPD7WpRtMUgZTNDIjS0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

a-sac.h.online-metrix.net

Software

Apache /

Resource Hash

49dae03d2548676841076fc616953b2281fb30b7e3d77ded3095fcbbac07eccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 18 Oct 2023 18:50:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK D2gZymgVXpZLHtHu Show response
tmx.td.com/ Frame 5227 90 KB
13 KB 85ms
84ms Document
text/html 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://tmx.td.com/D2gZymgVXpZLHtHu?ec5c7e84e6b6721c=WgYeSwW3F970Jn04JbfZt2Ny25Zwtx7H_2lX4O71-ZqI2n38pEJNvZPbzyskMpHfI0EM5TmCWT9R1fY4HZqjNAttybsktMtck9Jj4KxkYSy6rBVCFMuhWUsd-NdEwBAsr4suiG_3dqtzS1e51fXeSpj-AQSRyz1AgwBmsMFX6nWnnW8NivchpcWAcsYNYvJJBreu-Cn304UPKvIkv0l8jtGqq7Nv6HVy

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

73e59ad6b64cc9f9b23f4ac5170a5e328f9826dcb88650cfb3aeccee469f47b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://authentication.td.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Wed, 18 Oct 2023 18:50:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 aTb5wVU3awSHK2qW Show response
tmx.td.com/ Frame 68A7 0
218 B 141ms
85ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://tmx.td.com/aTb5wVU3awSHK2qW?d8a39542e2fdf7b1=jQ9Y34ubeI8FSsWEQypr2O5tZ-pieJOqeE_xlMW8h7A67tfakwBKX1Tn607zp0R8vOHHXK7HT-99Fkk1niep-LVXPbnEJIg62vulXn3oVONxUdf2KIbD5C1cGEqlhHOQ2s90CBh7FTbJURcwYBbq5CnVYyF4LGynqftlyoo&ja=393b3f312e26633d2536383224723d3630246e353336303878333030322461643f313638387a393238302673707b3d327a382664707035392e313638302e333232322c33343030243930383024313630382e313032382c3136323824333230382c322e30246f743f6338383a69606b646b3737646c6464643b6d61383433393c3530366a39633561246f6e3f3626736b6c3f3a342e6c683d60767472712d334125304e2d3046617d746a676e766b636376696f6626766c2e6b6f6d253a4475637225756925304e2d314663676e71776d677025314665617b71756d622d32366c6761616e672d3344656c574b432670643d3124706a3f373a6432386969346a636e626531393162353130376165326c3b6064623a643624686a3f3631363031393d3530626b3235316e3a65633a3e39313561693b663565383463246a716d3d556b6e64677f712d32383130266271623f4160726f6d672d3a323131302668716f773f576b6c646f7f7b2462736a753d4360706f6f672e6e68633f3c2e6c646d3538246c6d76723d3224747a6c354365657a6963612d3046546366636f75746d7a246d617c68703f34323233663363326a6d6138326d3663633d3430323a3a616431373d3c3231666c34373a3833363166346561693a366c63313461666a663730313933313934692e66723d6074767273273141273046253a4e637d7460656e74616161766b676e2e7466266b6d6d253a467763702f7769273046253b4e61676e7b756d657a2733466769737977676a2d30366c6763636e65273144676c5f43492d303b253a467561782732446e6767696e247835726c756f696c5d666e63736a2735456e696e7b6529706c756f6b6e5d75616e646f757b576f656461615d726c637b65702735456e696e7b6529706c756f6b6e5d636c6f62655d696b706f62697427374564636c71672170647d65616e577175696b69746b6f6d253545646964716521786c7765696c5d736a6d636b7f69746d253d4566616471652372647567696c577a67616c786c637b657027354764616c7b6d23786c7d67696e57746c615d786c6179677a2d374566696c716721726e75656b6e5f6c6d74696c7e7225354d64616e716d21706c776f616c5f737e675d7469677565702735456e696e7b6529706c756f6b6e5d6869766125374d6e636c736d26656e5f613f776760676c5f6d604f4c2d3230312632253032204f70656c4f442732304d53273030302c3027303043607a6d65697d6d29576d60474e273a30474c51442d3030455b253032312c32253032284f786d6c4f4c2d3230455b2732324544534c2530384d51253238312c32253032436a706f6d617d6f21576d624b697c5565604961742532325f6d60474c494e454e455d6b6e7176616e6b6d6657617a7261797b273340273a30455856576a6e656e6c5f6f6b6e6f6378273142253a3847505457636f6c67705f60776e6665725d60696e665f6e6c6d637427314227303045505c5d6e6c6761745f6a6e656c662d33422530384d5a545f6e7263655f666770766a25334a2d30384550545f73606364677057746578767d7a675f6c6764273142273030475a545f7c6d7a7c757a655f63676f7070677b73696f6c576a7274632d33402732324758565d7465707c777a6557636f6d7870657171616f6e5f706f7c6125334a253032455a565f766778747d7a675766616c74657a5d616c6b7b6f74726d78616125334a253032455a565f715047422d3b402d32384f455357676c676f6d6e745f6b666c67785f7d696c762531402530324f455b57646a6f5772656e6c67725d6f61706d61722d3b402532384f47515f7176616c6661726c57666d726176617461746571273b42253232474d515f746d78767772675d666e6d61742d3b402d32384f45535776657a767d72655f64646763745f64696c676170273340273230474d5157746d7874757a675f6a6364665f666e67697625334a2530324f47515f766778747d7a675768696c665f6e6e6f6376576c696e67697a2733422d32324d45515d76677074657057637a7269795f6f6a686561762d33422530385f474247445f616d6c6d705f607766666d7a5d6e6c676174253b402530325f4542474e576b6d6d707a65717165665d74677a74757a6d5d69737c6325334a273232554d42474c5d6b676f70726d737167645d76657a7675726d57677c632d3342253a325747404f4c5f636d65787065737b65665d74677a747770655f6d7c6139253b4225323855454045445f636f6f787a6773736d645d76657a767570675f733b7c612d334a2532305f4742454e57636f6d727a6d7173656c5f766778767772675d73337c6b5d7b726f6225334a273232554d42474c5d6c6d6075675772676c64677065705d696e6e67273b422d3230574d40474e5d6c6570746a577c6778747d72672733402732325545424f445d6c7269775f627d646667707b253342273a385545424f4c5d6e6f71675f616d6e746d70762d334a2532305f4742454e576d756c7661576672617f313424676e5d683f3166663d6c646e343f3430646c613432356d36326267386d3534643a3537363633323466363235312e756f6c7e3d496e7c676c273038496e632c2e7f656c7235496c76656e2732324b72697b2d30384f78656e4744273232476667696e672e6b61643d392666643d353036313b32343f3c643a393a6539626e6037323a3e633432323a3c603236396163643066313364&jb=39373c2664713d4d6778696e6e6925324637263827323020576b6c646d75732730304e5c2d303831382e30253b402530325f696e36362d3b40253238783436292730304372706c6d5f676a4b617425324e3733352c3b3625323220434a544d442530412530326c6b6965253a38456d63636f29253a32436a70676d6525304e3933382e382e373b39312c37322732305b69646972612532463d31372c313e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:52 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK 8oOFQcUbZ43bKZfk
i8n5h0pwuxfod7c7y6h3gsba2wtotrai2ukxd7pk60a7b55031296279sac.d.aa.online-metrix.net/ Frame 68A7 81 B
438 B 419ms
81ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i8n5h0pwuxfod7c7y6h3gsba2wtotrai2ukxd7pk60a7b55031296279sac.d.aa.online-metrix.net/8oOFQcUbZ43bKZfk?5de215dc1f4352b2=fQWpuSSkYcY8SIWADecnhleUPAMZ2_FDPEi3d5vuhqvXUbCRfTlO4p5GSKOoqjELFB7heHumIurKa2bRA911djKpYjUU1zwzhwY-cXHJ3IKk_EUupEXyY3NECCepigFim-hgoMU4FKn6qVVBpuKHlVFyscOWHsXzPGbLW1VU1YhdFgq0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s01367330727055 Show response
smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.20.0/ 5 KB
2 KB 103ms
101ms Script
application/x-javascript 23.205.106.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.20.0/s01367330727055?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=18%2F9%2F2023%2011%3A50%3A52%203%20420&d.&nsid=0&jsonv=1&.d&mid=65139350862331819461327353824832626796&aamlh=7&ce=UTF-8&ns=tdbank&pageName=%2Fauthentication.td.com%2Fuap-ui%2Flogin&g=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA%23%2Fuap%2Flogin&ch=ca-en&server=authentication.td.com&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=D%3DpageName&v3=1&c4=1%3A30PM&v4=1&c5=Wednesday&v5=1&c6=Weekday&c7=ew&c12=not-authenticated&c13=New&v18=D%3Dc4&v19=D%3Dc5&c20=D%3Ds_vi&v20=D%3Dc6&c21=D%3DUser-Agent&v23=ew&v24=D%3Dc7&v32=D%3Dc12&v33=D%3Dc13&v39=D%3Ds_vi&v68=D%3Dc21&c70=tdtdct%2Ctdglobal&c74=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA%23%2Fuap%2Flogin&c75=AppMeasurement%20-%202.20.0&v132=easyweb&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A783776A5245B1E50A490D44%40AdobeOrg&AQE=1

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.205.106.75 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-205-106-75.deploy.static.akamaitechnologies.com

Software

jag /

Resource Hash

2fb2aa73046aaa29889e60ee7b9c46ee53743e83e204128977534c8d8ff341dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-aam-tid: 9pJG/2w2Rro=
date: Wed, 18 Oct 2023 18:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=86400
p3p: CP="This is not a P3P policy"
content-length: 1719
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-2-v051-00d247f51.edge-va6.demdex.com 7 ms
pragma: no-cache
last-modified: Thu, 19 Oct 2023 18:50:52 GMT
server: jag
etag: 3645686466241953792-4617874003332874414
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
BLOB 200
OK 13590dc1-67ce-4cd5-836b-64206a10ecc7
https://authentication.td.com/ Frame 68A7 0
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/13590dc1-67ce-4cd5-836b-64206a10ecc7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 0
Content-Type: application/javascript

GET
BLOB 200
OK 3183f08f-8a47-4943-9f87-a21adac70bef
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/3183f08f-8a47-4943-9f87-a21adac70bef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK f0796cf7-c7eb-4a73-bcc3-1f13bbba615a
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/f0796cf7-c7eb-4a73-bcc3-1f13bbba615a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK b7572336-2a10-4577-bf16-f2674db1c286
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/b7572336-2a10-4577-bf16-f2674db1c286
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK efaeb52e-4533-4352-8893-4f5d39a374fc
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/efaeb52e-4533-4352-8893-4f5d39a374fc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 35437da3-6027-4436-8c8e-896b3bcefa4c
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/35437da3-6027-4436-8c8e-896b3bcefa4c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 24b37876-7e7a-4363-b382-e44a86c1ebef
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/24b37876-7e7a-4363-b382-e44a86c1ebef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 2a2fa485-5fc0-43f6-98f1-e42dc07465df
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/2a2fa485-5fc0-43f6-98f1-e42dc07465df
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 8eef3ceb-0a3a-4e08-bd39-bcd4c4a53639
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/8eef3ceb-0a3a-4e08-bd39-bcd4c4a53639
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 78b18356-c836-4a62-8e23-b127f1c1897f
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/78b18356-c836-4a62-8e23-b127f1c1897f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 7091266b-5d0c-424c-892e-0d638e1b0a90
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/7091266b-5d0c-424c-892e-0d638e1b0a90
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 6ac1e4f4-aa36-4211-81d6-780fa7ffd3c6
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/6ac1e4f4-aa36-4211-81d6-780fa7ffd3c6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 87c3e052-e000-4945-93ef-b01ae6f0674d
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/87c3e052-e000-4945-93ef-b01ae6f0674d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK e5719dc2-6b36-4b4f-926d-7556aa18c3d3
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/e5719dc2-6b36-4b4f-926d-7556aa18c3d3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 152d8455-0951-4315-b0d3-71db6c6fcad8
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/152d8455-0951-4315-b0d3-71db6c6fcad8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK ca3ac9a4-8bb1-40eb-88e5-0be01682dd6d
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/ca3ac9a4-8bb1-40eb-88e5-0be01682dd6d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 859fd857-57d5-47f3-b596-a259e41837fb
https://authentication.td.com/ Frame 68A7 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/859fd857-57d5-47f3-b596-a259e41837fb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 94fcf8cf-f7e5-4ca8-a822-e10b1a0f2e8a
https://authentication.td.com/ Frame 68A7 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://authentication.td.com/94fcf8cf-f7e5-4ca8-a822-e10b1a0f2e8a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2582eb48101c14aab5e8fa2a66b48f589da7c8e292e6b97a3b1da444bcbb81c9

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1357
Content-Type: application/javascript

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=212560604673011338506
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=64866008341005129681299456859120744030
https://dpm.demdex.net/ibs:dpid=21&dpuuid=212560604673011338506

42 B
940 B

37ms
37ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=212560604673011338506

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v051-0f8955875.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rqDfixweRdA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:52 GMT
via: 1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: IAD89-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=212560604673011338506
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 7ZUJ7j_ZuU7bYL_dM1nQykdY73I31Ci4b_It82JFWG1-_VrLZvstAw==
expires: 0

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=1a156530-290d-4800-a5b3-866c757c3888&ddsuuid=64866008341005129681299456859120744030
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=64866008341005129681299456859120744030&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d64866008341005...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=1a156530-290d-4800-a5b3-866c757c3888&ddsuuid=64866008341005129681299456859120744030

42 B
940 B

38ms
37ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=1a156530-290d-4800-a5b3-866c757c3888&ddsuuid=64866008341005129681299456859120744030

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-0eb9a6e6c.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xtgGTL7uS+g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 18 Oct 2023 18:50:53 GMT
Server: MT3 1075 283b7e3 master ord ord-pixel-x5 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=1a156530-290d-4800-a5b3-866c757c3888&ddsuuid=64866008341005129681299456859120744030
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 18 Oct 2023 18:50:52 GMT

GET
H/1.1 204
No Content aTb5wVU3awSHK2qW Show response
tmx.td.com/ Frame 68A7 0
387 B 81ms
81ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 31FB 0
185 B 104ms
35ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=753587888034357&ev=Adobe-Audience-Manager-Segment&cd[segID]=1830319&noscript=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 18 Oct 2023 18:50:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 204
204 Jtui5oZFTBwTjeTD
tmx.td.com/ Frame 68A7 0
400 B 107ms
106ms Image
image/png 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tmx.td.com/Jtui5oZFTBwTjeTD?1f1816b81b2b4249=DodpeNQOLAQeoD2bzttxfYLhHF6ZxBY29MSvXX1ThDHXGJLQCkKJ0ew923hxM2cWcgWr-UTrYisG1g2Z-0MCZ2m793N2LL5XvV7lp8rEFlLjzSIKpr26To_I5sHZjBXyXsmnRbU5RgCZI4B6j0m3eTJOAuFLupsTTVlO-aHdY2jAymU_nXIj2_FjrbYjBZyezoNBzNWprODiali7d_aQyj8AXasXwdM&jf=3c3330267b69645f7a6c643f766c725f4a444c407661565e494f6d744d356c512473696c576669746d3d313631353637373835332671616c5d747978653f7565603865616673612e7b6b6c5f6365793d3b32353b313831333034383f3061383e343a6165316630303231303e383a3a61303634386b673366323b30313035383b3632303830363635363238636737393d6b3739646d6561613b333637646b63383535696d3138383d37353a64323365343764623d3a3338623b3033363b63393a63696232666739383366386b383b31663b3732333139643c3a643f36313065306e663734643c6532633b383f6666353166373a626167373b3635383931633e3738626366393026716b6c5f736965353b3234363832303330326632326763616b306130353e66613938336332676a34346566316e6639396a383a3533363b66353134613831313f306b3064316d356461323164333130303a6630323a313232386132396036393830696069346b6163313e3264306430343164313f6b3539303a30663130643535343a6165396e323b3869366530393336633639626463376b2e7169667a3d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 VjwXvpvhmQS2ASuj
h.online-metrix.net/ Frame 3D87 0
400 B 85ms
84ms Image
image/png 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/VjwXvpvhmQS2ASuj?2f20dbee006549e7=UrT-SP7letnvMBZiN5RiMhtxwI4L5nKD1h-3Y9GLftvZIP-s7fVGKvuyJp4YNp_AmbgJQ8WnWlLQaSlYjTrNT7iv6Swakx0rflpjJgSOUOAY2L4SR97T2Zl3hCmlkGpQi7U0UZpvXWMofIHPADeHVnDIHfaZ0yW-VZkaT_SV7rdPDg37yNdgSX5TNkXWD127eYEuY0Z8mPbtsEXQyTY-k8niAEw0B7c&jf=3c3330267b69645f7a6c643f766c725f585179713058496771354475686f4a692473696c576669746d3d313631353637373835332671616c5d747978653f7565603865616673612e7b6b6c5f6365793d3b32353b313831333034383f3061383e343a6165316630303231303e383a3a61303634386b673366323b30313035383b3632303830366363673530316061636d3d603d3669616465693363313638363061663a3b63313139343b3030643b66336063333a3a366c313d6666366e3a383a333f35373360386b3a30383831323b37376164376162613e6e303d623d3963663d606264303a363064673c6d3238393c343436343567386437356569693039653b3364646b6426716b6c5f736965353b32343638323033303260653b643339393a3331363f33623139313663303b326235306b6e3263316a653432613763313b3a35633b3b376a346c6263626c61303a603a34336163383b3030323a31323263603b39613462616b3e6038306964663730673061316c313533643f696330366e35363a65673666323530643c3f3569373f64613839306461663a63333734312e7169667a3d33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

a-sac.h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://h.online-metrix.net/kxSiwvvb3BtGDeQs?6b5da59c26aed77f=7vkOqBMPWGNDamt7dXrtpw8U8OyenS-YX-R2je0t4sTbBmjSao6ACtseogzZPTxnikXRsRIARI7xRepDYARV5QAlFynxM9nvq1eknwFhBbA-8TrnEFebfIEEHEg7Sn2919GVAxM8SHo31AQK4IjWPbsUbvPHGTwoFMXyzRAyxauky9hL1IuIrCT2edbpVJGwDbJPXRmeWhhycpPD7WpRtMUgZTNDIjS0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=1783857810292825748
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1783857810292825748

42 B
940 B

40ms
40ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=1783857810292825748

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-0e0a73935.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7a7JrtqBQ6E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
an-x-request-uuid: 0faec646-4ecf-4542-be29-fe48af8bf86c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=1783857810292825748
x-proxy-origin: 86.48.14.155; 86.48.14.155; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 31FB 0
719 B 154ms
40ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=64866008341005129681299456859120744030&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: d67ad46d58ddbab9fb03c088eabaaff8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 4d241117027984f3a7b3954ef3d9e9b9
c.lytics.io/c/ 35 B
533 B 69ms
69ms Image
image/gif 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/4d241117027984f3a7b3954ef3d9e9b9?_e=pv&_sesstart=1&_tz=-7&_ul=en-US&_sz=1600x1200&event=pv&spaurl=%2Fauthentication.td.com%2Fuap-ui%2Flogin&cif=&lio.performPullAndSend=false&_ts=1697655053488&_nmob=t&_device=desktop&url=authentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA%23%2Fuap%2Flogin&_v=3.0.33&_uid=df218ca4-7002-49d7-9635-50b660642e50&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 35
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3S10s7ojAc2kBUs9c9pkA9FKpGdCTrPkRa7Xdpww%2BZwtKyzwY4emz%2FkAhKfNlOAUC9ywXBILLXNpbk5X9s1Nm1f9UJKsorrCx1crb8mIJiHF4jia0fPWTIvRXko"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8182f8346e47c47a-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H/1.1

200
OK

ibs:dpid=540&dpuuid=b1222b6c-b59a-4c3f-841a-312a48c6e89b
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=64866008341005129681299456859...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=64866008341005129681299...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=b1222b6c-b59a-4c3f-841a-312a48c6e89b

42 B
940 B

39ms
38ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=540&dpuuid=b1222b6c-b59a-4c3f-841a-312a48c6e89b

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-060507f47.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: g4DR0gNhTfE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 18 Oct 2023 18:50:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=540&dpuuid=b1222b6c-b59a-4c3f-841a-312a48c6e89b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
148 B 46ms
45ms XHR
text/plain 142.251.16.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1536805549&t=pageview&_s=1&dl=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&ul=en-us&de=UTF-8&dt=EasyWeb%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACAAI~&jid=2087764723&gjid=135077061&cid=243945480.1697655052&uid=&tid=UA-196335417-1&_gid=484598828.1697655054&_r=1&gtm=457e3ag0&jsscut=1&z=332483497

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://authentication.td.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 43ms
43ms XHR
text/plain 142.251.16.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1536805549&t=pageview&_s=1&dl=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&ul=en-us&de=UTF-8&dt=EasyWeb%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACgAI~&jid=469472226&gjid=91499675&cid=243945480.1697655052&uid=&tid=UA-196335417-7&_gid=484598828.1697655054&_r=1&gtm=457e3ag0&jsscut=1&z=1012850870

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://authentication.td.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 37ms
36ms Image
image/gif 142.251.16.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1536805549&t=pageview&_s=2&dl=https%3A%2F%2F%2Fauthentication.td.com%2Fuap-ui%2Flogin%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&ul=en-us&de=UTF-8&dt=EasyWeb%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACgAI~&jid=&gjid=&cid=243945480.1697655052&uid=&tid=UA-196335417-1&_gid=484598828.1697655054&gtm=457e3ag0&jsscut=1&cd1=page_view&cd2=not-authenticated&cd3=GA%20ClientID%20Not%20Ready&cd4=&cd5=GA%20ClientID%20Not%20Ready&cd6=&cd15=&cd16=&cd22=ca-en&z=1554382313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 16:30:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8413
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 36ms
35ms Image
image/gif 142.251.16.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1536805549&t=pageview&_s=2&dl=https%3A%2F%2F%2Fauthentication.td.com%2Fuap-ui%2Flogin%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&ul=en-us&de=UTF-8&dt=EasyWeb%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACgAIAC~&jid=&gjid=&cid=243945480.1697655052&uid=&tid=UA-196335417-7&_gid=484598828.1697655054&gtm=457e3ag0&jsscut=1&cd1=page_view&cd2=not-authenticated&cd3=GA%20ClientID%20Not%20Ready&cd4=&cd5=GA%20ClientID%20Not%20Ready&cd6=&cd15=&cd16=&cd22=ca-en&z=513675705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 16:30:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8413
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 44ms
43ms XHR
text/plain 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-196335417-1&cid=243945480.1697655052&jid=2087764723&gjid=135077061&_gid=484598828.1697655054&_u=4CDAAUAAAAAAACAAI~&z=970939291

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://authentication.td.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 43ms
43ms XHR
text/plain 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-196335417-7&cid=243945480.1697655052&jid=469472226&gjid=91499675&_gid=484598828.1697655054&_u=4CDAAUABAAAAACgAI~&z=848378968

Requested by

Host: authentication.td.com
URL: https://authentication.td.com/waw/idp/js/td_common_153.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://authentication.td.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 df218ca4-7002-49d7-9635-50b660642e50 Show response
c.lytics.io/api/personalize/4d241117027984f3a7b3954ef3d9e9b9/user/_uid/ 301 B
546 B 140ms
139ms Script
application/json 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/4d241117027984f3a7b3954ef3d9e9b9/user/_uid/df218ca4-7002-49d7-9635-50b660642e50?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22df218ca4-7002-49d7-9635-50b660642e50%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22authentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA%23%2Fuap%2Flogin%22%2C%22_v%22%3A%223.0.33%22%7D&ts=1697655053593&callback=u_417581226117948800

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01230e61230a91ec2dd8b2fbe826de157493002c1b6ccc46277404970627440b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:53 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2fXyqYyXfuAJYgBFVMP%2Fkw5eB2%2BtZGMiVugFPpbRq9vvTudGm%2FGcEYetrhhSNeMXsUpvEeG1hPS6N1VbLtX4sd89wKlbEa9dEZwedH79c4ziiYGyLKIizz%2Bkyh1"}],"group":"cf-nel","max_age":604800}
cf-ray: 8182f8350f1cc47a-EWR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H/1.1

200
OK

ibs:dpid=601&dpuuid=212206629217109&random=1697655053
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://dp2.33across.com/ps/?pid=897&random=104980850
https://dpm.demdex.net/ibs:dpid=601&dpuuid=212206629217109&random=1697655053

42 B
941 B

48ms
48ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=601&dpuuid=212206629217109&random=1697655053

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v051-0bd875ce1.edge-va6.demdex.com 12 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Ag7rnjX8TCc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
referrer-policy: unsafe-url
server: 33XP019
x-33x-status: 200004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://dpm.demdex.net/ibs:dpid=601&dpuuid=212206629217109&random=1697655053
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 376ms
49ms Image
image/gif 172.253.115.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-196335417-1&cid=243945480.1697655052&jid=2087764723&_u=4CDAAUAAAAAAACAAI~&z=1396284357

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 47ms
46ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-196335417-1&cid=243945480.1697655052&jid=2087764723&_u=4CDAAUAAAAAAACAAI~&z=1396284357

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 380ms
56ms Image
image/gif 172.253.115.105
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-196335417-7&cid=243945480.1697655052&jid=469472226&_u=4CDAAUABAAAAACgAI~&z=478416727

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f105.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 53ms
53ms Image
image/gif 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-196335417-7&cid=243945480.1697655052&jid=469472226&_u=4CDAAUABAAAAACgAI~&z=478416727

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content aTb5wVU3awSHK2qW Show response
tmx.td.com/ Frame 68A7 0
387 B 83ms
83ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEON_znDbKaiovbFqWbyeysk&google_cver=1
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQ4NjYwMDgzNDEwMDUxMjk2ODEyOTk0NTY4NTkxMjA3NDQwMzA=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjQ4NjYwMDgzNDEwMDUxMjk2ODEyOTk0NTY4NTkxMjA3NDQwMzA=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEON_znDbKaiovbFqWbyeysk&google_cver=1?gdpr=0&gdpr_consent=

42 B
940 B

41ms
41ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEON_znDbKaiovbFqWbyeysk&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-00e970a10.edge-va6.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: b+kk9U8wToI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEON_znDbKaiovbFqWbyeysk&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 31FB 43 B
393 B 185ms
62ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=64866008341005129681299456859120744030&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time: 6
date: Wed, 18 Oct 2023 18:50:53 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 8dc61449003c06f2
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2a0c069733fc7a30c108bdfb311b419dcdee21739887da916b67f297816efbac
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 31FB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEFUvs_m-XkdvsPBG83FNu74&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

35ms
34ms

Image
image/png

54.236.156.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.156.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-156-168.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:54 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 18 Oct 2023 18:50:54 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 31FB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEF...
https://pixel.everesttech.net/1x1

128 B
691 B

35ms
35ms

Image
image/png

54.236.156.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.156.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-156-168.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:54 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 18 Oct 2023 18:50:54 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 31FB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

35ms
35ms

Image
image/png

54.236.156.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.156.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-156-168.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:54 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 18 Oct 2023 18:50:54 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 31FB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

35ms
35ms

Image
image/png

54.236.156.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.156.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-156-168.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:54 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 18 Oct 2023 18:50:54 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 102 KB
22 KB 40ms
40ms Script
text/javascript 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:54 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 18:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2866
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJMYlVDGUmnfKHn5huNuyjHYp2wEraDb2CNWRqAq6Mx8Eme8jYEJ5QEA1A4rFPG91sDFJnvixeUf8lyraTt%2BELW5fOo0VjfVVV%2BW6dmBwfGcad6TYgMRz0hCkx9N"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8182f8391d4ac47a-EWR

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 38ms
38ms Stylesheet
text/css 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:54 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 17:23:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5231
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgBmCS5ubyrZrS%2F3iwE7UlH%2Fqw%2BOY3xPuSmc3q76doxeP9Wv8Q2DphMT7Es9giR3j1PtcexMuPX0IWyT2b34jNf6YCcOZb1ImB3XKSiz091k66NdrKqt2V1NQJqY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
content-encoding: br
cache-control: max-age=7200
cf-ray: 8182f8396debc47a-EWR

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/4d241117027984f3a7b3954ef3d9e9b9/ 327 B
494 B 40ms
39ms Script
application/javascript 172.67.73.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/program/campaign/config/4d241117027984f3a7b3954ef3d9e9b9/config.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4c2153c9fde72db771ada7f07538ca5b475e39023f06c285d6c58517f2f41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:54 GMT
strict-transport-security: max-age=63072000;
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 18 Oct 2023 18:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2870
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3gDDksP2U35Dj%2BfcPCxviHWBoQYJDNv6FrJSY0ZX9CM4CAn7Epner1gm6UEtQ%2BOt3BJQ8gP%2Fp0zT%2FNM8Icm8oQB30%2BbckK%2BVkiaY1INHbsq4ir594pDGIN7PUod"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
content-encoding: br
cache-control: max-age=7200
cf-ray: 8182f8397df9c47a-EWR

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 31FB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

35ms
35ms

Image
image/png

54.236.156.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.156.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-156-168.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:54 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 18 Oct 2023 18:50:54 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=nF65zphSupuHU77Img-nyZte78eHWLzLnF_5JCWX
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=nF65zphSupuHU77Img-nyZte78eHWLzLnF_5JCWX

42 B
940 B

42ms
42ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=nF65zphSupuHU77Img-nyZte78eHWLzLnF_5JCWX

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v051-0d0e87c0b.edge-va6.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: C8F6o/TJRy0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=nF65zphSupuHU77Img-nyZte78eHWLzLnF_5JCWX
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 36ms
35ms Image
text/plain 3.232.15.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=1&c=822&i=6t2dfu&p=uap-prod&s=15773&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjQUAPAhY2xpZW50SWQiOjgyMiwicHVibGlzaFBhdGgiOiJ1YXAtcHJvZCIsImluc3RhbmNlKgDxUiI2dDJkZnUiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlIiwiY29va2llcyI6e30sImVudmlyb25tZW50IjoiVERDVC1FTiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdGm2APACYWJvdXQ6YmxhbmsiLCJ0eXBfAFBpZnJhbV4AQHN0YXJ5AMA2OTc2NTUwNTIyMzlnAEZkIjoxFABwNDQsInNvdZEAwDoiYXBwZW5kQ2hpbNEAwHN0YXR1cyI6ImxvYRAA9AhyZWFzb25zIjpbXSwiZGF0YVBhdHRlchIAQmxpc3QcABNpYwDLOTc3ODkzNjIyfSx7uwD2J2h0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0YWcvanM_aWQ9REMtNjgzNTc4MeYAnXNjcmlwdCIsIuYAPTAzMOYANzMwNuYAs2luc2VydEJlZm9yKAEP5wAqrzYzNDI5NDU3ODbnAFsfNucADEBtdXRhKQKiT2JzZXJ2ZXJDTC8BD-0AMh851AEI8QBuZXh1cy5lbnNpZ2h0ZW7PAUR0ZGIvLAMTL5AA8A9vbXBvbmVudC5waHA_bmFtZXNwYWNlPUJvb3RzdHKMAiByJoQCQGljSnNvAx89WQAOY2NvZGUvJqID8BVlZE9uPVR1ZSUyMFNlcCUyMDI2JTIwMTY6MDA6MzUlMjBHTVQWAFIwMjMmQ-QD0UQ9ODIyJlBhZ2VJRD2jAvEDJTNBJTJGJTJGYXV0aGVudGljVAEwLnRk1wAwJTJG1QAgdWkkAPAOM0Zjb25zdW1lciUzRGVhc3l3ZWIlMjZsb2NhbGUTAHJuX0NBJTIzNQCPJTJGbG9naW7TAhIvNjHsAQAXONMCD-wBQo83NjkyOTA4MMADCYNzbWV0cmljcxEB9nAvaWQ_ZF92aXNpZF92ZXI9NC40LjAmZF9maWVsZGdyb3VwPUEmbWNvcmdpZD1BNzgzNzc2QTUyNDVCMUU1MEE0OTBENDQlNDBBZG9iZU9yZyZtaWQ9NjUxMzkzNTA4NjIzMzE4MTk0NjEzMjczNTM4MjQ4MzI2MjY3OTYmdHM92AQ2MzE0WgEyeGhy-wIKEAU-MzE0VwEAFAAFEAWyWEhSX01BTkFHRVJBAAI8A29hbGxvd2UTBSGvNjQ4NzQ1MjI4MCwEBw9TAasfNVMBABc1qgIPUwFHHzFTAQcPOQQT8Bo5NjkyYjg4OWRiZjZhN2VhNTlkNTIxMmVmYWEzMjY4Yy5qcz9jb25kaVYFgUlkMD00MjMxIwgDewcPlQYHPjMwNxgBANYDBWsCD5UGPK84NDg2ODkxNDk3FgGKHzgWAQwP2ARCBRwBHzgcAQcPmAgR8AJVQS0xOTYzMzU0MTctMSZsPRQJpkxheWVyJmN4PWOABA8YAgkeMwIBJzgzMAMPGAI8rzU3Mjk1MDc1NjT8AHAPwggACfwAD_4BQgUCAQ8aAwgP_gEeHzf-ASQOgQY_NDEw_gFHrzgzMzcwMDgwMzn-ATgP_AAlDv4BCvwAD_4BQgQCAR80LgYID_4BEQGUDF82ODUxOfoBJB0y-AMoNDKLDQ_4AzyfOTI1MDkzNjY2uAsID_gAUg_2AQAJ-AAP9gFCBf4AD6MNCGBhbmFseXTLCgKQDgDgC_VCL2cvY29sbGVjdD92PTImdGlkPUctMzFSSjJUWERaWSZndG09NDVqZTNhZzAmX3A9MTUzNjgwNTU0OSZfZ2F6PTEmY2lkPTI0Mzk0NTQ4MC4xeA_wFSZ1bD1lbi11cyZzcj0xNjAweDEyMDAmaXI9MSZ1YWE9JnVhYgUAMGZ2bAcAgG1iPTAmdWFtDAARcAUAEHYGANB3PTAmX2V1PUVBJl9zOgCGaWQ9JnNpZD0JC_8AJnNjdD0xJnNlZz0wJmRs1gxDkCZkdD1FYXN5V_IMIDBM2AzwCSZlbj1wYWdlX3ZpZXcmX2Z2PTEmX25zaQcA8AVzcz0yJl9lZT0xJmVwLmRlYnVnXx0RQD10cnWSDwRPCYBlbmRCZWFjbyUNDegPLzQ1PQUAABQABVMJr1NFTkRCRUFDT07FCzuvOTMzMDI4NTE0M0YFBwC4Dv8Ecy5nLmRvdWJsZWNsaWNrLm5ldFECDR9jLwIFCWoCSGFpcD0MEQ8oAYSfNzI4MzEyNDEwbAUsCXMDD2YJIw6WDC80NmgHSK82OTQwNDY3ODM1IgIHD24FEQ_6ADAPcAUACfoAD3AFQgUAAQ9wBTGvODk5Q0MxTDM4NXAF_x8QcxUGD2kFLh84RAIAABQAD2kFT38yMzk0NTI0rQkJD2kFGQdKAg9pBUEAFAEjZW78FgJzFxA0FAAPKAFOnzY1MjQzMzY0MW8ELgciAQ9pBTYvOTLRDEdQNjg2NjACAA_RDCwvRy36AC4PJQMACfoAD2kFQwMAAR8xUBQID9kKPA86AwYP0gpAMDImddIKDbcKD5AXEQFeFw-YFxYPNgsHHzHdCg8PygoEAN0KYGV2ZW50X90YBw4LOmVwLk8YEF_GBHd1cz1ub3QtGgAgZWRDAAKAHEJfaWRfmQxkPUdBJTIwshjgJTIwTm90JTIwUmVhZHkwAEZ1c2VyLgA-XzE9FQABEwAwZ2NsXQEAggsFCgAMbAAvXzFuAA3wFXNpdGVfbGFuZ3VhZ2U9Y2EtZW4mX2V0PTMmdXAuVXNlcklkPQsADpYAP3VwLm8AGwdREw_yCgouNTBXFAEUAA-JBU6fNzgzMDY4MzY1jwMxB5IECf4LCmgOD48D__8WEDSEAw-PA2QeMewSEDUUAA-PA05AOTQ4NmIcHzYYCQiRdGQuZGVtZGV4nw_AZGVzdDUuaHRtbD9krhBPZD0wIwgeEAaaBA9-IQcuMzHFHSg3NYUOAPIeD34hN582MDM3ODU0MTjyEwgP_QBYDgAbCv0ADx8JQwQEAQ_qGQgMbx3wVGIvc3MvdGR0ZGN0LHRkZ2xvYmFsLzEwL0pTLTIuMjAuMC9zMDEzNjczMzA3MjcwNTU_QVFCPTEmbmRoPTEmcGY9MSZjYWxsYmFjaz1zX2NfaWxbMV0uZG9Qb3N0YmFja3MmZZET0HQ9MTglMkY5JTJGMjAVIIAwMTElM0E1MAUA8AEyJTIwMyUyMDQyMCZkLiZu0xNgMCZqc29uRxM_LmQmFx8Y8AxhYW1saD03JmNlPVVURi04Jm5zPXRkYmFuayagE19OYW1lPVAJFi8mZ0EUQw0XITMmY2hNCAItIhc9FwkzaW9ubyARJl8JIXM9BwD0NDEmYWFtYj1SS2hwUno4a3JnMnRMTzZwZ3VYV3A1b2xrQWNVbmlRWVBIYU1XV2dkSjN4elBXUW1kajB5JnYxPUQlM0QRATAmdjO8FSA0PZMBcDMwUE0mdjQRAOA1PVdlZG5lc2RheSZ2NRIAYDY9V2VlaxAAn2M3PWV3JmMxMsYJAMBjMTM9TmV3JnYxOD1oAGJjNCZ2MTkLAFE1JmMyMAsAY3Nfdmkmdg0AUmM2JmMylgAAtwWgLUFnZW50JnYyM2YAMXYyNDIAYmM3JnYzMgsAYzEyJnYzMwwAQjMmdjNgAAJVABM2eAByMjEmYzcwPd8CNCUyQ-ECTyZjNzTaAVbQNzU9QXBwTWVhc3VyZfAmQCUyMC2KIwFfA2MmdjEzMj1AIxAm1CEEHRfxBmM9MjQmaj0xLjYmdj1OJms9WSZidz0XQSZiaD1AFw9bIhk5QVFFRhUPUiYGLTY0vQQgMzILKAXBBg-tGTyfODgzOTEwNDM21g4ID7cE_____xUN7ysLtwQPdAlCBL0EHzf2GQgjYy5rHXBpby9hcGkv7Cv2HzRkMjQxMTE3MDI3OTg0ZjNhN2IzOTU0ZWYzZDllOWI5L2xhdGVzdC5taW4uanNyCw9dIwgdNXILTzM0OTGOFEiPNDY5MDAyNDgZHAgP-wBUAOQZCowWC_sAH20eLEIDAQEPHiwJBvgaFi2aFADyLRdqbB-4MSZfdj1qMTAxJmFVHxF0RRMCUh4A2xgNGRQPJgoCAnErHy2mKxgGnh8UZDYLD-IeAJpzZD0yNC1iaXTEHyF2cJQIAtEfIGplox-wdT00Q0RBQVVBQkEBAHBDQUFJfiZq7B2wMDg3NzY0NzIzJmcQAJ8xMzUwNzcwNjE5IAgAtRMAiiALfyYQX1MrljQ4NDU5ODgyOGsgMDQmX1UgAkMSEjerIFBqc3NjdYYMQHo9MzOwAjY0OTdSAw8vKwM9MzUzRh0CFAAFBwkP3Ck-nzgzMDEzMjA5M1EDCA9QAv___0QUZ6AEkjQ2OTQ3MjIyNp8EAFEsTzk2NzWeBB0vNyaeBCSQMTAxMjg1MDg3iTUDFyQPnwQFHTRnFCAzNRQAD58ER583MDM1Njk4NzVLKhIP7wbnD08C_1IGTAkPHQsTHjQlGykzNQ04D9UQPX85NTAzNTA5LQMiD94AHgBGLQsACwreAA8AC0IUOOQAD7kRCA-wCAYP5AAdLTM46Tg_MzU06ThIBN4AHzLeAFMPzwUBCN4AD8IBSh8zvg4IAK0fD9wpAQbBDFF0PWRjJqYpAH0LIDMmthcE0QwPuwsAD8QdBgATDB8yIwwGD1QHCAVxDABvDCJBQXEMp3o9OTcwOTM5Mjk9Kg9OBwUAiTEMQQMAFAAPTgdH0DYxNjk4MTkwODN9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.232.15.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-15-196.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:54 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 18 Oct 2023 18:50:53 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 36ms
36ms Image
text/plain 3.232.15.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=2&c=822&i=6t2dfu&p=uap-prod&s=2798&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjQUAPAhY2xpZW50SWQiOjgyMiwicHVibGlzaFBhdGgiOiJ1YXAtcHJvZCIsImluc3RhbmNlKgDxUiI2dDJkZnUiLCJwYWNrZXQiOjEsIm1vZGUiOiJlbmZvcmNlIiwiY29va2llcyI6e30sImVudmlyb25tZW50IjoiVERDVC1FTiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdGm2APAsaHR0cHM6Ly9zdGF0cy5nLmRvdWJsZWNsaWNrLm5ldC9qL2NvbGxlY3Q_dD1kYyZhaXA9MSZfcj0zJnYJAPAldj1qMTAxJnRpZD1VQS0xOTYzMzU0MTctMSZjaWQ9MjQzOTQ1NDgwLjE2OTc2NTUwNTImahkAsDA4Nzc2NDcyMyZnEAD2CTEzNTA3NzA2MSZfZ2lkPTQ4NDU5ODgyODgAwjQmX3U9NENEQUFVQQEA8AhDQUFJfiZ6PTk3MDkzOTI5MSIsInR5cB8BoHhociIsInN0YXI2AQR7AEAzNTgzJAE1ZCI6jwACFAAwc291TgHSOiJYSFJfTUFOQUdFUkEAwHR1cyI6ImFsbG93ZaEB9AhyZWFzb25zIjpbXSwiZGF0YVBhdHRlchIAQmxpc3QcABJpZgDfNjE2OTgxOTA4M30se3sBUx83ewELkjQ2OTQ3MjIyNnoBjzkxNDk5Njc1eQESEUJ6ASJDZ3kBnzg0ODM3ODk2OHkBEB83eQEAPzcsInkBR684NTI4MDUyODY4eQH_gfBgYy5seXRpY3MuaW8vYXBpL3BlcnNvbmFsaXplLzRkMjQxMTE3MDI3OTg0ZjNhN2IzOTU0ZWYzZDllOWI5L3VzZXIvX3VpZC9kZjIxOGNhNC03MDAyLTQ5ZDctOTYzNS01MGI2NjA2NDJlNTA_c2VnEAXAcz10cnVlJm1lcmdl7AQSZRAAAgsA_wQlN0IlMjJfdWlkJTIyJTNBJTIyXAARAC0AIDJDOgBAbm1vYg4AATsAEHQKAAIYAGBkZXZpY2UQAAEaAHBkZXNrdG9wEAABIAAwdXJsDAABHACgYXV0aGVudGljYZoFoC50ZC5jb20lMkYeBvAUdWklMkYlM0Zjb25zdW1lciUzRGVhc3l3ZWIlMjZsb2NhbGUTAHJuX0NBJTIzNQCAJTJGbG9naW5hAAFtACBfdgsAAWwAYDMuMC4zMw8AZzdEJnRzPQ8F8BA5MyZjYWxsYmFjaz11XzQxNzU4MTIyNjExNzk0ODgwzQYDZQV_c2NyaXB0ImgFAR45aAU3NzM17wMxbXV05wCiT2JzZXJ2ZXJDTEgAAm8FP2xvYWwFIn84NTE4Nzg28wMJD3oC_809NzM0aQYKegKgcmVtb3ZlQ2hpbGMCAP8DAeIHD3MCKz84MDlmBgcIcwIAcAD2A2ljL3BhdGhmb3JhLm1pbi5qc0AHD1QDBkw0MjQw2gA_NDI5VANO0Dc2NjI1MTI0MTJ9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.232.15.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-15-196.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:54 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 18 Oct 2023 18:50:53 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=1440AA34BF8E62C73CA4B99ABEA46366
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://c.bing.com/c.gif?uid=64866008341005129681299456859120744030&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1440AA34BF8E62C73CA4B99ABEA46366

42 B
940 B

38ms
37ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1440AA34BF8E62C73CA4B99ABEA46366

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-06f4cd915.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Sfdc6XcyRjY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2EBD830EEA1740E398D5FA0424B69B1D Ref B: YTO01EDGE0414 Ref C: 2023-10-18T18:50:54Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1440AA34BF8E62C73CA4B99ABEA46366
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame 31FB
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WlRBcERBQUFBSG41dGdOMg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

35ms
35ms

Image
image/png

54.236.156.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.156.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-156-168.compute-1.amazonaws.com
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:54 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type: image/png
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Wed, 18 Oct 2023 18:50:54 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 204
204 -1188IHNqoxR12y- Show response
tmx.td.com/ Frame 68A7 0
218 B 83ms
82ms Script
text/javascript 192.225.158.132
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://tmx.td.com/-1188IHNqoxR12y-?e531e9106654510b=sGYbaSOhqhoBw-PylPukPsfL4Z9r1K_1fHXJQslQINficRfUKHsrLWkanI6teYks3fHPJkYWrBf3Fiw_wziXOBtuc4DS4QeIYnF8X-AZVNoIaovrJBDSiw03htLOv4Vvvtihbp3Rtf8PguuWHbtvkobaLBwDUtLA8pEPX6su0RMXcoX-jydw7DcZnCjoOonl1sR14vdbWHM1WbEUnVZAEvJl19eydC0&je=393430267a643d267a66743f343b3333332f393d32302c3d3932322d333730322e353938392f393538302c353132322f333d30302c373138312d313d30322e33313a392f3335303824373135382d313538322c373b3b312d313738382e35393b392f333532322c343233392539373830243539343c2f313732382c3630363825333530382c373b333a2f313732302c3d3a35312d3935303024353035322531353032243a3331322531373230

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.132 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Wed, 18 Oct 2023 18:50:54 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=64866008341005129681299456859120744030&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=64866008341005129681299456859120744030&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
954 B

36ms
36ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-0c306b3f7.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: L3J7YWWHSEM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:54 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 2387
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8182f83d0d2fa1f0-YYZ
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 18EE 52 KB
17 KB 17ms
17ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://authentication.td.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 32106
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 18 Oct 2023 18:50:54 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 165, 83974
X-Served-By: cache-lga13626-LGA, cache-yyz4582-YYZ
X-Timer: S1697655055.751773,VS0,VE0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 18EE 0
594 B 61ms
60ms Script
text/html 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 Fairfield, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:54 GMT
an-x-request-uuid: 1a1b2fb0-0209-47b7-8504-c67bbea1f60a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 86.48.14.155; 86.48.14.155; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3639310649068093506
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3639310649068093506

42 B
940 B

38ms
38ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3639310649068093506

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-0aaf1a784.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OFbFuOdERIo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:53 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3639310649068093506
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
expires: 0,Thu, 19 Oct 2023 14:50:54 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=64866008341005129681299456859120744030&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=64866008341005129681299456859120744030&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-xG741uxE2pEFpQrGJ6sTkPLbYYezd3rxbh8-~A

42 B
940 B

38ms
37ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-xG741uxE2pEFpQrGJ6sTkPLbYYezd3rxbh8-~A

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v051-08e982cdb.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: K8U2o59iTTs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-xG741uxE2pEFpQrGJ6sTkPLbYYezd3rxbh8-~A
date: Wed, 18 Oct 2023 18:50:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ibs:dpid=575&dpuuid=-1137379141783501714
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=64866008341005129681299456859120744030
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-1137379141783501714

42 B
940 B

43ms
37ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=-1137379141783501714

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-05f4fa275.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xDOpy/NuQSE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp12.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=-1137379141783501714
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

ibs:dpid=53196&dpuuid=Q7509414551903271977
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7509414551903271977&uid=Q7509414551903271977&ref=%2Feucm%2Fp%2Fadpq
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7509414551903271977

42 B
940 B

38ms
38ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7509414551903271977

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v051-083023bad.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: g1+hiiIhRiw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 18 Oct 2023 18:50:55 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7509414551903271977
Content-Type: text/html
Cache-Control: max-age=42641
Connection: keep-alive
Content-Length: 154

GET
H/1.1

200
OK

ibs:dpid=59982&dpuuid=
dpm.demdex.net/ Frame 31FB
Redirect Chain

https://exchange.adstanding.com/partners/aam/sync.php
https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

42 B
958 B

36ms
36ms

Image
image/gif

52.1.190.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Protocol

HTTP/1.1

Server

52.1.190.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-190-243.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v051-001ad7028.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: jZ5Rkf9LSek=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 18 Oct 2023 18:50:55 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=59982&dpuuid=
cache-control: no-store
expires: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 31FB
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZTApDAAAAHn5tgN2&sigv=1&esig=1~a36aa12c22f76575d0272307b6357a804f884296

0
194 B

355ms
33ms

Image
text/plain

69.147.92.12
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZTApDAAAAHn5tgN2&sigv=1&esig=1~a36aa12c22f76575d0272307b6357a804f884296

Protocol

Server

69.147.92.12 Ashburn, United States, ASN14777 (YAHOO, US),

Reverse DNS

e2.ycpi.vip.dca.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:55 GMT
strict-transport-security: max-age=31536000
cache-control: no-store
x-content-type-options: nosniff
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZTApDAAAAHn5tgN2&sigv=1&esig=1~a36aa12c22f76575d0272307b6357a804f884296
Date: Wed, 18 Oct 2023 18:50:55 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 31FB
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=8xzTR3E3QwycjUezgHBWdQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64866008341005129681299456859120744030

43 B
479 B

46ms
46ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64866008341005129681299456859120744030

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Oct 2023 18:50:55 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5JMZVSNJ483JMGDCGDR5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-va6-2-v051-0c306b3f7.edge-va6.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: EKbjE3/bSSQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=64866008341005129681299456859120744030
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 18EE 0
594 B 42ms
41ms Script
text/html 68.67.160.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.114 Fairfield, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:55 GMT
an-x-request-uuid: a0174ec5-de47-4e35-b6e2-66063f72a480
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 86.48.14.155; 86.48.14.155; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 r.rnc
data.privacy.ensighten.com/privacy/v1/b/ 0
106 B 36ms
35ms Image
text/plain 3.232.15.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.privacy.ensighten.com/privacy/v1/b/r.rnc?n=3&c=822&i=6t2dfu&p=uap-prod&s=903&d=8BV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjQUAPAhY2xpZW50SWQiOjgyMiwicHVibGlzaFBhdGgiOiJ1YXAtcHJvZCIsImluc3RhbmNlKgDxUiI2dDJkZnUiLCJwYWNrZXQiOjMsIm1vZGUiOiJlbmZvcmNlIiwiY29va2llcyI6e30sImVudmlyb25tZW50IjoiVERDVC1FTiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdGm2APJCaHR0cHM6Ly9jLmx5dGljcy5pby9hcGkvcHJvZ3JhbS9jYW1wYWlnbi9jb25maWcvNGQyNDExMTcwMjc5ODRmM2E3YjM5NTRlZjNkOWU5YjkvKACQLmpzIiwidHlwrgDwDnNjcmlwdCIsInN0YXJ0IjoxNjk3NjU1MDU0Mjk4tgAYZBQAgDM0Miwic2914ABgOiJtdXRhqwCiT2JzZXJ2ZXJDTEgAkHR1cyI6ImxvYTcB9AhyZWFzb25zIjpbXSwiZGF0YVBhdHRlchIAQmxpc3QcABNpagDPODYwMzQ2MzMxfSx7EQEE8A5hY2RuLmFkbnhzLmNvbS9kbXAvYXN5bmNfdXNlcgkAVi5odG1s5QBQaWZyYW2SAQ3lAD03NDHlADc4NDjlAKBhcHBlbmRDaGlszgA_c3Rh3gArnzQyNTI2NDI0NN4AUx823gAAFzneAA_DAUPANDI1MjY0MjQ5fV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.232.15.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-15-196.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:50:57 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 18 Oct 2023 18:50:56 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 44ms
43ms Ping
text/plain 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-31RJ2TXDZY&gtm=45je3ag0&_p=1536805549&cid=243945480.1697655052&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=3&uid=&sid=1697655052&sct=1&seg=1&dl=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&dt=EasyWeb%20Login&en=scroll&ep.debug_mode=true&epn.percent_scrolled=90&_et=46
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 44ms
44ms Ping
text/plain 172.253.122.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-899CC1L385&gtm=45je3ag0&_p=1536805549&cid=243945480.1697655052&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=3&uid=&sid=1697655052&sct=1&seg=1&dl=https%3A%2F%2Fauthentication.td.com%2Fuap-ui%2F%3Fconsumer%3Deasyweb%26locale%3Den_CA&dt=EasyWeb%20Login&en=scroll&ep.debug_mode=true&epn.percent_scrolled=90&_et=19
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/tdb/uap-prod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://authentication.td.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Oct 2023 18:50:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://authentication.td.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.td.com/waw/idp/authn/v1	1969-12-31 23:59:59	Name: JSESSIONID Value: ywryxYZbaNFtFBkcJ_MQVTeMJAD7YWqEDpoL7d30.BB2
easyweb.td.com/waw/ezw	1970-01-20 15:34:18	Name: TD-persist Value: BDCB
authentication.td.com/uap-ui	1969-12-31 23:59:59	Name: JSESSIONID Value: xNDMHcgHzQbz4r7g4JawUfgMiRBAZRMUl4dVSmOs.BB2
authentication.td.com/	1969-12-31 23:59:59	Name: authenticationContextInfo Value: resumePath%3D%26ogRequired%3Dtrue%26ogCookieName%3Dcom.td.ew.SSO_GUID%26ec%3Dnull%26flowType%3Dropc
.td.com/	1969-12-31 23:59:59	Name: uapCookieInfo Value: ec%3Dnull%26lang%3Den_CA%26consumer%3Deasyweb%26tsnConsumerAppId%3Dnull%26redirect_uri%3Dhttps%3A%2F%2Feasyweb.td.com%2Fwaw%2Fezw%2Fwebbanking
authentication.td.com/	1970-01-20 15:34:18	Name: TD-persist Value: BDCB
.td.com/	1970-01-21 01:10:15	Name: HD4bjx6N Value: A_9SIESLAQAAygCAkIAsCY-8intoAlJvWJLvS-Co5K2csTo4b5-7IXnzTJubAVYwDpuuctQxwH8AAEB3AAAAAA\|1\|0\|9b85ada35610783e0b8f7bc45cdf91049769f03a
.adnxs.com/	1970-01-20 17:43:51	Name: icu Value: ChgIpt9cEAoYASABKAEwi9LAqQY4AUABSAEQi9LAqQYYAA..
.adnxs.com/	1970-01-20 17:43:51	Name: uuid2 Value: 1783857810292825748
tmx.td.com/	1970-01-21 01:10:15	Name: thx_guid Value: 0d04ade0ff77737c775491c38375f701
tmx.td.com/	1970-01-21 01:10:15	Name: tmx_guid Value: AAzkBYSWIJ8ZKWqE6pOsR9QXvnxnrnUMhU7GsAoEnkpnuBSSr7jc0GF9SbUxDqnsIPHSUUyp8iFXjsdvetkkB3gJmMs6YQ
.td.com/	1970-01-21 00:19:51	Name: bmuid Value: 1697655052106-4CF4E785-1A53-49D8-8D18-6150F015C101
.demdex.net/	1970-01-20 19:53:27	Name: demdex Value: 64866008341005129681299456859120744030
.td.com/	1969-12-31 23:59:59	Name: cdContextId Value: 2
.td.com/	1970-01-20 17:43:51	Name: _gcl_au Value: 1.1.348627678.1697655052
.td.com/	1969-12-31 23:59:59	Name: AMCVS_A783776A5245B1E50A490D44%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 00:19:51	Name: everest_g_v2 Value: g_surferid~ZTApDAAAAHn5tgN2
.td.com/	1970-01-21 01:10:15	Name: _ga_31RJ2TXDZY Value: GS1.1.1697655052.1.1.1697655052.60.0.0
.td.com/	1970-01-21 01:10:15	Name: _ga_899CC1L385 Value: GS1.1.1697655052.1.1.1697655052.60.0.0
.td.com/	1970-01-21 00:19:51	Name: cdSNum Value: 1697655052403-sjn0000471-a77ddd7f-83fa-46b1-bb3d-f132e8265136
.dpm.demdex.net/	1970-01-20 19:53:27	Name: dpm Value: 64866008341005129681299456859120744030
.td.com/	1970-01-21 01:10:15	Name: s_ecid Value: MCMID%7C65139350862331819461327353824832626796
.td.com/	1970-01-21 01:10:15	Name: AMCV_A783776A5245B1E50A490D44%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19649%7CMCMID%7C65139350862331819461327353824832626796%7CMCAAMLH-1698259852%7C7%7CMCAAMB-1698259852%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1697662252s%7CNONE%7CMCSYNCSOP%7C411-19656%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.td.com/	1970-01-20 16:17:27	Name: s_pers Value: %20s_vnum%3D1697698800635%2526vn%253D1%7C1697698800635%3B%20s_invisit%3Dtrue%7C1697656852639%3B%20s_nr%3D1697655052641-New%7C1700247052641%3B
.td.com/	1969-12-31 23:59:59	Name: s_sess Value: %20s_cc%3Dtrue%3B
.agkn.com/	1970-01-21 00:19:51	Name: ab Value: 0001%3AGKgBmk3aAwF8q%2BUKuR2g53oJtkh%2BNBKL
.td.com/	1970-01-20 19:53:27	Name: AAMC_td_0 Value: REGION%7C7
.authentication.td.com/	1970-01-20 16:17:27	Name: aam_oas Value: aam%3Dtest
.authentication.td.com/	1970-01-20 15:35:41	Name: aam_wcm Value: Province%3Don%2CROC%2CCountry%3DCA
.authentication.td.com/	1970-01-20 16:17:27	Name: aam_uuid Value: 64866008341005129681299456859120744030
.mathtag.com/	1970-01-21 01:00:10	Name: uuid Value: 1a156530-290d-4800-a5b3-866c757c3888
.td.com/	1970-01-20 15:34:16	Name: seerses Value: e
.td.com/	1970-01-21 01:10:15	Name: seerid Value: df218ca4-7002-49d7-9635-50b660642e50
.td.com/	1970-01-21 01:10:15	Name: _ga Value: GA1.2.243945480.1697655052
.td.com/	1970-01-20 15:35:41	Name: _gid Value: GA1.2.484598828.1697655054
.td.com/	1970-01-20 15:34:15	Name: _gat_gtag_UA_196335417_1 Value: 1
.td.com/	1970-01-20 15:34:15	Name: _gat_gtag_UA_196335417_7 Value: 1
.lytics.io/	1970-01-21 01:10:15	Name: seerid Value: df218ca4-7002-49d7-9635-50b660642e50
.rubiconproject.com/	1970-01-21 00:19:51	Name: khaos Value: LNW3ZISU-8-LH1Z
.rubiconproject.com/	1970-01-21 00:19:51	Name: audit Value: 1\|RyWuSlFYGg6/pz9IVHwV/VvJjV5kxXpsTldLQBo1dK76iLMg9tLrddP5Mecmu+PbRhzPspVU9v/yUhTWCqUS/Lu8MdjV0SuE+M4Aw+shNlVK3obhy3xJYytYew6TVXJxNgJCpCPmN5pn9iCXir43YTqkC6JVrqj9oxw3IrM1QdF01qAbJMnMkX2NFdeBSG8D5IYzazhYCkuma+WVcS1g3g==
.tapad.com/	1970-01-20 17:00:39	Name: TapAd_TS Value: 1697655053585
.tapad.com/	1970-01-20 17:00:39	Name: TapAd_DID Value: b1222b6c-b59a-4c3f-841a-312a48c6e89b
.tapad.com/	1970-01-20 17:00:39	Name: TapAd_3WAY_SYNCS Value:
.33across.com/	1970-01-21 00:19:51	Name: 33x_ps Value: u%3D212206629217109%3As1%3D1697655053698%3Ats%3D1697655053698
.doubleclick.net/	1970-01-21 01:10:15	Name: IDE Value: AHWqTUm9fz5K9Uj1vl5l90AUKCXeGsZGnO_2zf-4iE9onbEsnsTbVThv47wFiY9hzwQ
.twitter.com/	1970-01-21 01:10:15	Name: personalization_id Value: "v1_KQaY8InmLKeNDLh5Gtnx7Q=="
.everesttech.net/	1970-01-20 16:18:53	Name: ev_sync_ax Value: 20231018
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: ZTApDgAAAaMafjPr
.quantserve.com/	1970-01-20 17:43:51	Name: d Value: ENsBDAGbKrmvYA
.quantserve.com/	1970-01-21 01:04:29	Name: mc Value: 6530290e-8460d-715e9-36564
.bing.com/	1970-01-21 00:55:51	Name: MUID Value: 1440AA34BF8E62C73CA4B99ABEA46366
.c.bing.com/	1970-01-20 15:44:19	Name: MR Value: 0
.ml314.com/	1970-01-21 00:21:17	Name: pi Value: 3639310649068093506
.tribalfusion.com/	1970-01-20 17:43:51	Name: ANON_ID Value: aunsmAwl6h7bQQwbPBqU87aWmZaOA3vq64mMVHDRenQPbYULeZbLIZc14oc6LSCDIPVA7Zbt4wlF0K54
.yahoo.com/	1970-01-21 00:20:12	Name: A3 Value: d=AQABBA8pMGUCEGGZIewDJDRKCGTNwxqF2UgFEgEBAQF6MWU6ZSXaxyMA_eMAAA&S=AQAAAjMaVluL2BegsuANwXdCj9w
.analytics.yahoo.com/	1970-01-21 00:19:51	Name: IDSYNC Value: 19cu~2eju
.owneriq.net/	1970-01-21 01:10:15	Name: si Value: Q7509414551903271977
.owneriq.net/	1970-01-20 15:48:39	Name: p2 Value: adpq
.everesttech.net/	1970-01-20 16:18:53	Name: ev_sync_yh Value: 20231018
.demdex.net/	1970-01-20 19:53:27	Name: dextp Value: 21-1-1697655052842\|269-1-1697655053215\|358-1-1697655053317\|481-1-1697655053417\|540-1-1697655053518\|601-1-1697655053619\|771-1-1697655053719\|1123-1-1697655053820\|1083-1-1697655053921\|1085-1-1697655054021\|1086-1-1697655054122\|1087-1-1697655054223\|1088-1-1697655054323\|1175-1-1697655054424\|1957-1-1697655054528\|19913-1-1697655054629\|22054-1-1697655054730\|22052-1-1697655054831\|30646-1-1697655054932\|575-1-1697655055033\|53196-1-1697655055134\|59982-1-1697655055235\|83349-1-1697655055336\|139200-1-1697655055437
.amazon-adsystem.com/	1970-01-20 21:44:19	Name: ad-id Value: A8_CwWyQmUZMjeXl5s_rkq8
.amazon-adsystem.com/	1970-01-21 01:10:15	Name: ad-privacy Value: 0

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://authentication.td.com/waw/idp/js/td_common_153.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://authentication.td.com/waw/idp/js/td_common_153.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://bcdn.td.com/scripts/dfb31537/dfb31537.js(Line 7) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
rendering	warning	URL: https://authentication.td.com/waw/idp/js/td_common_153.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
worker	warning	URL: blob:https://authentication.td.com/efaeb52e-4533-4352-8893-4f5d39a374fc(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5902/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/b7572336-2a10-4577-bf16-f2674db1c286(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5901/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/f0796cf7-c7eb-4a73-bcc3-1f13bbba615a(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5900/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/3183f08f-8a47-4943-9f87-a21adac70bef(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:63333/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/8eef3ceb-0a3a-4e08-bd39-bcd4c4a53639(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5931/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/24b37876-7e7a-4363-b382-e44a86c1ebef(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:3389/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/35437da3-6027-4436-8c8e-896b3bcefa4c(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5903/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/859fd857-57d5-47f3-b596-a259e41837fb(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:2112/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/7091266b-5d0c-424c-892e-0d638e1b0a90(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6039/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/ca3ac9a4-8bb1-40eb-88e5-0be01682dd6d(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:7070/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/e5719dc2-6b36-4b4f-926d-7556aa18c3d3(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5938/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/152d8455-0951-4315-b0d3-71db6c6fcad8(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5279/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/78b18356-c836-4a62-8e23-b127f1c1897f(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5939/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/87c3e052-e000-4945-93ef-b01ae6f0674d(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6040/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/2a2fa485-5fc0-43f6-98f1-e42dc07465df(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5950/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://authentication.td.com/6ac1e4f4-aa36-4211-81d6-780fa7ffd3c6(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5944/' failed: WebSocket is closed before the connection is established.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ads.yahoo.com
analytics.google.com
analytics.twitter.com
authentication.td.com
bcdn.td.com
c.bing.com
c.lytics.io
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
data.privacy.ensighten.com
dp2.33across.com
dpm.demdex.net
easyweb.td.com
exchange.adstanding.com
fei.pro-market.net
h.online-metrix.net
i8n5h0pwuxfod7c7y6h3gsba2wtotrai2ukxd7pk60a7b55031296279sac.d.aa.online-metrix.net
ib.adnxs.com
ml314.com
nexus.ensighten.com
pixel.everesttech.net
pixel.tapad.com
px.owneriq.net
s.amazon-adsystem.com
s.tribalfusion.com
smetrics.td.com
stats.g.doubleclick.net
sync.mathtag.com
td.demdex.net
tmx.td.com
token.rubiconproject.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.wcmcaas.td.com
104.18.25.173
104.244.42.3
107.178.240.89
13.249.39.83
142.250.31.94
142.251.16.113
142.251.16.156
151.101.129.108
172.253.115.105
172.253.115.156
172.253.122.113
172.253.63.97
172.67.73.236
18.211.158.154
192.184.68.134
192.225.158.1
192.225.158.132
192.225.158.3
204.79.197.200
216.200.232.253
23.205.106.68
23.205.106.75
23.205.106.82
23.205.106.89
23.61.60.237
3.162.103.116
3.225.218.10
3.232.15.196
31.13.66.35
34.111.113.62
34.111.234.236
52.1.122.252
52.1.190.243
52.46.143.56
54.236.156.168
67.202.105.22
68.67.160.114
69.147.92.12
69.173.151.100
72.44.58.73
99.84.191.50
01230e61230a91ec2dd8b2fbe826de157493002c1b6ccc46277404970627440b
0373017fc21c582e0897f8f97d648ccc9fbd188a315b74940a86cbfdb4f361fb
0e3e1391e6b001a1c6e90172499a7f04c875c36810be81a7954bc229ce3994ea
0eeb87bdba6df7b99990c1b3a9f6cd61f96bb0ba2311494c038c0a47e6591570
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
2462fd4e9d1d45842a17f6d320799cc84e6fcba03515c4a8eae9abc2bb93f219
2582eb48101c14aab5e8fa2a66b48f589da7c8e292e6b97a3b1da444bcbb81c9
2a2d9a0b4d3771cc1e990ad2ae20b41922608f382d4a5c21703dee7739b42007
2bafd59a69fa70ee382eefa0a5ec69c492d12493e2630f92b524171f0ba9b5bd
2bc95592b3df2c22a415a38d394b52e9d97d5ba18c9e5b0f8205ada72fbe1923
2e3f935ac779b7440c7ce9981857ed58156acf3c0c4e65bac733b31210f6fb97
2f756735cc9373185086bec53761d4b488c2370a96fc3bec1b63acc4fb3c0d87
2f91556c9c3dc00e2fe74f096c80b926145f3448e9f5c580a362fe055c862df6
2fb2aa73046aaa29889e60ee7b9c46ee53743e83e204128977534c8d8ff341dd
370ae50d75ba8ae403a867926831e9dba2cd6f078e2d1424e13f7c778cd40a0c
398514ed4ea7cd2386d39868ffc498ab4ab318ef43b58650d1608d5dd343475f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eaeb889294d9e53960e05e2e9d72166c4a1032695356b3cb3a4bcb4fa1a4ad3
43ad095f34da8d8d17e1aa49feec927460e0f3cd1d58448164d2f65c19477f97
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e04ac11dbb5d37c94fb67f908a63c5ffbd2a11cdeff767802b344398325b5f
48de11a215d9a36b379bce266af1317ade133a5f3fd0fa752c83218b9960184a
49dae03d2548676841076fc616953b2281fb30b7e3d77ded3095fcbbac07eccc
508400ff2ebc9f130357060828e64c32f9624fda3aad29452eb7c99d172b614a
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
532d3519198622825fac06bc59dabf3941241fe3db330c2fec55b827f09990aa
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
6c75bfb6a92b6ad0b8e55968c517daedeea73042b4a0e959a7d0a787cde0d797
6e74a861684834fdb30a4b69d4bd38e48e5fcf2ba4abccbd46bd073f0976423e
73e59ad6b64cc9f9b23f4ac5170a5e328f9826dcb88650cfb3aeccee469f47b0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f8f92a1913474ebb54f27bb9a908eb8006c76665ed14ed7ebea958b661b4b7a
8263dca9319e99b14190a28a9e19654949ae5fc7805a9ff211a8e2b0e8fcd45b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8417f8caa9ff0ecac62cfacf56ca432546c2cd3e004cef3e1f65f3e201cb5a93
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
889f1af6a366c47d395090ef9a561a6e22374eda9257fb17ebe04d3a8e91edb9
88e583f9872191a9b331874a56f9ec0bf5d3ebfd451dc50e66b9d722eb6538b4
8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f
90400b04843bd9ff25ca2b1864b794caf7f50dfd1171707339ab9c0cf63c78c7
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a73ab71c9ffb7850a1b0e8f74ff8e1d911a6d52bfe4716da164667a8e2ba205d
ab10514574cbb2ff92eb71016b2c14dee1eb5c34965bb823ced39a94ee2bd7c8
ac1b49fbc07bc213a11a155a4291f333ea63cf313a48c31db0b73bc612ba08e5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae8dd97d122ea91c6559c332285745599586f9ceb955aa735c69e69b29cded14
b003829e27c2fae081e1568a2cf86d0d65e6f2549c13ffd3ec394589e1bbfe69
b5e69e1c4a7e365ab5e64866584897927d7246898440e6a942fdf1da98739da7
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c226c588db26cba9f39ec78e1d536231426c5cc938671c54c9f7bb64ccf67991
c397ee0241d56c708684246428160ede8a16276eb3c85ee8c90518168b42de64
c6be5de48e29c88eecdf1ceeb1e79af23f88462c7e3df7fff59119dd27a60d29
ca1257949386803b5327045028d8ccd63a1fb80e7627c8e55b2fa28c8113f3c0
d49999a1317ad5863acc07dde1aa5f1282440ee94aa27a926dd740fa2ae58758
d6b16b0f2068f7256c58f598770ae2ab34dfa4a4add0316fdd5057b1953a408c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409d5c97689db8631775a5d9d7156e7d41abb34ff20b8aa3512e08f66054c3b
e9682e19c129f7675bf49c78b22a6fb88b0d7fe6442cb6f3e2b555b5e94bb3ca
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1
f15f7f5a4a785a47d30ca214b48a92cfcdf48c358e7fa0c497210325be80fac0
f706cbdcf3c225f1a1fc2f3430c8842ccf694db18ce85c92edacb4fc0684f6c3
fc4c2153c9fde72db771ada7f07538ca5b475e39023f06c285d6c58517f2f41d

authentication.td.com Open in urlscan Pro 23.205.106.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

69 %HTTPS

0 %IPv6

28 Domains

43 Subdomains

27 IPs

2 Countries

2000 kBTransfer

6618 kBSize

62 Cookies

52 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

authentication.td.com Open in urlscan Pro
23.205.106.89 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

69 %
HTTPS

0 %
IPv6

28
Domains

43
Subdomains

27
IPs

2
Countries

2000 kB
Transfer

6618 kB
Size

62
Cookies

141 HTTP transactions
1 data transactions