authorization.td.com Open in urlscan Pro
152.199.0.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.member-services.ca/?qs=7983da438a25766856492b7ceaa4233404ed147313626d7937c93e8497455491493f3c2f41105eb151bf77e4c3ad...
Effective URL:
https://authorization.td.com/as/authorization.oauth2?response_type=code&client_id=ac1d3321-7783-4140-9382-687a2cd6a3b7&pfidpa...
Submission: On July 08 via api (July 8th 2022, 3:58:10 pm UTC) from CA — Scanned from CA

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 24 domains to perform 47 HTTP transactions. The main IP is 152.199.0.64, located in and belongs to . The main domain is authorization.td.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on March 31st 2022. Valid for: a year.

This is the only time authorization.td.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.216.93 13.111.216.93	22606 (EXACT-7) (EXACT-7)
4 16	152.199.0.240 152.199.0.240	15133 (EDGECAST) (EDGECAST)
4	2600:1400:d:5... 2600:1400:d:586::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 17	35.155.39.212 35.155.39.212	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
1 2	152.199.0.64 152.199.0.64	() ()
1	54.148.151.110 54.148.151.110	16509 (AMAZON-02) (AMAZON-02)
1	34.203.48.147 34.203.48.147	14618 (AMAZON-AES) (AMAZON-AES)
8 8	34.238.212.152 34.238.212.152	14618 (AMAZON-AES) (AMAZON-AES)
1 1	143.204.146.35 143.204.146.35	16509 (AMAZON-02) (AMAZON-02)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	68.67.181.202 68.67.181.202	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
8 8	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
6 12	54.236.94.205 54.236.94.205	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:116:800b... 2620:116:800b:21:a021:b886:81cc:55cf	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
2 2	23.3.125.39 23.3.125.39	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	44.205.34.96 44.205.34.96	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
47	13

1 13.111.216.93 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.member-services.ca

click.member-services.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 152.199.0.240 (United States) 4 redirects

ASN15133 (EDGECAST, US)

myinsurance.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1400:d:586::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.155.39.212 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-39-212.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.0.64 (None, ) 1 redirects

ASN- ()

authentication.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
authorization.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.151.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-151-110.us-west-2.compute.amazonaws.com

td.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.48.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-48-147.compute-1.amazonaws.com

tdbankfinancialgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.238.212.152 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-212-152.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.146.35 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-35.ewr52.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.202 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.34 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.236.94.205 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-94-205.compute-1.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:a021:b886:81cc:55cf (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8eee:: (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.3.125.39 (Secaucus, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-39.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.205.34.96 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-34-96.compute-1.amazonaws.com

exchange.adstanding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	everesttech.net 14 redirects cm.everesttech.net — Cisco Umbrella Rank: 850 pixel.everesttech.net — Cisco Umbrella Rank: 3023	9 KB
18	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 192 td.demdex.net — Cisco Umbrella Rank: 47240	20 KB
18	td.com 5 redirects myinsurance.td.com authentication.td.com authorization.td.com	724 KB
8	doubleclick.net 8 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 205	837 B
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 418	99 KB
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 286	2 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1004	1 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 847 ads.yahoo.com — Cisco Umbrella Rank: 1058	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2209	1005 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 444	929 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	2 KB
1	adstanding.com 1 redirects exchange.adstanding.com — Cisco Umbrella Rank: 125920	169 B
1	pro-market.net 1 redirects fei.pro-market.net — Cisco Umbrella Rank: 2763	305 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1532	407 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 182	613 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 443	495 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	354 B
1	33across.com 1 redirects dp2.33across.com — Cisco Umbrella Rank: 10195	500 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 711	718 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	685 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 445	632 B
1	omtrdc.net tdbankfinancialgroup.tt.omtrdc.net — Cisco Umbrella Rank: 79509	724 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
1	member-services.ca 1 redirects click.member-services.ca	202 B
47	24

	Domain	Requested by
17	dpm.demdex.net	1 redirects myinsurance.td.com
16	myinsurance.td.com	4 redirects myinsurance.td.com
12	pixel.everesttech.net	6 redirects
8	cm.g.doubleclick.net	8 redirects
8	cm.everesttech.net	8 redirects
4	assets.adobedtm.com	myinsurance.td.com assets.adobedtm.com
3	s.amazon-adsystem.com	2 redirects
2	px.owneriq.net	2 redirects
2	pixel.tapad.com	2 redirects
2	ib.adnxs.com	2 redirects
1	ads.yahoo.com
1	exchange.adstanding.com	1 redirects
1	fei.pro-market.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	ml314.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	c.bing.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	analytics.twitter.com
1	dp2.33across.com	1 redirects
1	token.rubiconproject.com
1	sync.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	tdbankfinancialgroup.tt.omtrdc.net	myinsurance.td.com
1	td.demdex.net	assets.adobedtm.com
1	authorization.td.com	myinsurance.td.com
1	authentication.td.com	1 redirects
1	www.googletagmanager.com	assets.adobedtm.com
1	click.member-services.ca	1 redirects
47	30

This site contains no links.

Subject Issuer	Validity	Valid
myinsurance.td.com Entrust Certification Authority - L1M	`2021-10-15` - `2022-10-15`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
authentication.td.com Entrust Certification Authority - L1M	`2022-03-31` - `2023-04-29`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://authorization.td.com/as/authorization.oauth2?response_type=code&client_id=ac1d3321-7783-4140-9382-687a2cd6a3b7&pfidpadapterid=uapdapter&scope=sapm.tdia.sapi.r%20gps.ap.acc.r%20gps.ap.pol.r%20gps.cif.prts.r%20gps.ra.affgrps.r%20docm.cmod.fldr.r%20docm.tdidocs.repo.r%20edge.pc.account.r%20edge.pc.account.w%20edge.pc.account.a%20edge.pc.policy.r%20edge.pc.policy.w%20edge.pc.policy.a%20edge.pc.quote.r%20edge.pc.quote.w%20edge.pc.quote.a%20edge.pc.claim.r%20edge.pc.claim.w%20edge.pc.claim.a%20edge.pc.none.r%20edge.pc.none.w%20edge.pc.none.a%20edge.bc.account.r%20edge.bc.account.w%20edge.bc.account.a%20edge.bc.policy.r%20edge.bc.policy.w%20edge.bc.policy.a%20edge.cc.policy.r%20edge.cc.policy.w%20edge.cc.policy.a%20edge.cc.claim.r%20edge.cc.claim.w%20edge.cc.claim.a%20gps.ap.mtv.r%20gps.ap.licv.r%20prts.cm.prtsgps.r%20astp.altr.asnp.r%20astp.altr.asnp.w%20vlet.dcc.vlet.w%20enr.tdw.prdc.r%20enr.tdw.prdc.w%20enr.dipor.enr.r&nonce=69b8583a-1378-4421-a83f-263b751e15a4&redirect_uri=https://myinsurance.td.com/waw/ins/pol/application/login&state=action:default;cxid:c7d49e50-1009-49bd-83a5-9cc210b07447
Frame ID: 895389C37A1FB2F9A3C80A502F2CF6DD
Requests: 22 HTTP requests in this frame

Frame: https://td.demdex.net/dest5.html?d_nsid=0
Frame ID: A310A978517AB502CA5641A68EFDFEF0
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.member-services.ca/?qs=7983da438a25766856492b7ceaa4233404ed147313626d7937c93e8497455491493f3c2f... HTTP 302
https://myinsurance.td.com/ HTTP 301
https://myinsurance.td.com/waw/ins/pol/ HTTP 302
https://myinsurance.td.com/waw/ins/pol/view/portfolio/summary HTTP 302
https://myinsurance.td.com/waw/ins/pol/login HTTP 302
https://myinsurance.td.com/waw/ins/pol/application/login Page URL
https://authentication.td.com/uap-ui/login-bootstrap?lang=en_CA&tsnConsumerAppId=urn:appid:WIP&consumer=di... HTTP 302
https://authorization.td.com/as/authorization.oauth2?response_type=code&client_id=ac1d3321-7783-4140-9382... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

47
Requests

49 %
HTTPS

25 %
IPv6

24
Domains

30
Subdomains

13
IPs

1
Countries

886 kB
Transfer

2622 kB
Size

45
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.member-services.ca/?qs=7983da438a25766856492b7ceaa4233404ed147313626d7937c93e8497455491493f3c2f41105eb151bf77e4c3ada552f3494313735913a2 HTTP 302
https://myinsurance.td.com/ HTTP 301
https://myinsurance.td.com/waw/ins/pol/ HTTP 302
https://myinsurance.td.com/waw/ins/pol/view/portfolio/summary HTTP 302
https://myinsurance.td.com/waw/ins/pol/login HTTP 302
https://myinsurance.td.com/waw/ins/pol/application/login Page URL
https://authentication.td.com/uap-ui/login-bootstrap?lang=en_CA&tsnConsumerAppId=urn:appid:WIP&consumer=dipse&client_id=ac1d3321-7783-4140-9382-687a2cd6a3b7&pfidpadapterid=uapdapter&scope=sapm.tdia.sapi.r%20gps.ap.acc.r%20gps.ap.pol.r%20gps.cif.prts.r%20gps.ra.affgrps.r%20docm.cmod.fldr.r%20docm.tdidocs.repo.r%20edge.pc.account.r%20edge.pc.account.w%20edge.pc.account.a%20edge.pc.policy.r%20edge.pc.policy.w%20edge.pc.policy.a%20edge.pc.quote.r%20edge.pc.quote.w%20edge.pc.quote.a%20edge.pc.claim.r%20edge.pc.claim.w%20edge.pc.claim.a%20edge.pc.none.r%20edge.pc.none.w%20edge.pc.none.a%20edge.bc.account.r%20edge.bc.account.w%20edge.bc.account.a%20edge.bc.policy.r%20edge.bc.policy.w%20edge.bc.policy.a%20edge.cc.policy.r%20edge.cc.policy.w%20edge.cc.policy.a%20edge.cc.claim.r%20edge.cc.claim.w%20edge.cc.claim.a%20gps.ap.mtv.r%20gps.ap.licv.r%20prts.cm.prtsgps.r%20astp.altr.asnp.r%20astp.altr.asnp.w%20vlet.dcc.vlet.w%20enr.tdw.prdc.r%20enr.tdw.prdc.w%20enr.dipor.enr.r&response_type=code&redirect_uri=https://myinsurance.td.com/waw/ins/pol/application/login&state=action:default;cxid:c7d49e50-1009-49bd-83a5-9cc210b07447 HTTP 302
https://authorization.td.com/as/authorization.oauth2?response_type=code&client_id=ac1d3321-7783-4140-9382-687a2cd6a3b7&pfidpadapterid=uapdapter&scope=sapm.tdia.sapi.r%20gps.ap.acc.r%20gps.ap.pol.r%20gps.cif.prts.r%20gps.ra.affgrps.r%20docm.cmod.fldr.r%20docm.tdidocs.repo.r%20edge.pc.account.r%20edge.pc.account.w%20edge.pc.account.a%20edge.pc.policy.r%20edge.pc.policy.w%20edge.pc.policy.a%20edge.pc.quote.r%20edge.pc.quote.w%20edge.pc.quote.a%20edge.pc.claim.r%20edge.pc.claim.w%20edge.pc.claim.a%20edge.pc.none.r%20edge.pc.none.w%20edge.pc.none.a%20edge.bc.account.r%20edge.bc.account.w%20edge.bc.account.a%20edge.bc.policy.r%20edge.bc.policy.w%20edge.bc.policy.a%20edge.cc.policy.r%20edge.cc.policy.w%20edge.cc.policy.a%20edge.cc.claim.r%20edge.cc.claim.w%20edge.cc.claim.a%20gps.ap.mtv.r%20gps.ap.licv.r%20prts.cm.prtsgps.r%20astp.altr.asnp.r%20astp.altr.asnp.w%20vlet.dcc.vlet.w%20enr.tdw.prdc.r%20enr.tdw.prdc.w%20enr.dipor.enr.r&nonce=69b8583a-1378-4421-a83f-263b751e15a4&redirect_uri=https://myinsurance.td.com/waw/ins/pol/application/login&state=action:default;cxid:c7d49e50-1009-49bd-83a5-9cc210b07447 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://click.member-services.ca/?qs=7983da438a25766856492b7ceaa4233404ed147313626d7937c93e8497455491493f3c2f41105eb151bf77e4c3ada552f3494313735913a2 HTTP 302
https://myinsurance.td.com/ HTTP 301
https://myinsurance.td.com/waw/ins/pol/ HTTP 302
https://myinsurance.td.com/waw/ins/pol/view/portfolio/summary HTTP 302
https://myinsurance.td.com/waw/ins/pol/login HTTP 302
https://myinsurance.td.com/waw/ins/pol/application/login

Request Chain 20

https://cm.everesttech.net/cm/dd?d_uuid=89087189296448334713960808692166604905 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YshUDQAAAJ8ynANw

Request Chain 21

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=89087189296448334713960808692166604905 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=213130604206311554708

Request Chain 22

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=89087189296448334713960808692166604905&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d89087189296448334713960808692166604905 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=aefc62c8-540d-4700-9a87-326127f3d2cf&ddsuuid=89087189296448334713960808692166604905

Request Chain 23

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6236205030853610296

Request Chain 25

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=89087189296448334713960808692166604905 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=89087189296448334713960808692166604905 HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=d0e37977-98a0-4345-8796-0be2b7901eae

Request Chain 26

https://dp2.33across.com/ps/?pid=897&random=857285357 HTTP 302
https://dpm.demdex.net/ibs:dpid=601&dpuuid=211854788138471&random=1657295886

Request Chain 27

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODkwODcxODkyOTY0NDgzMzQ3MTM5NjA4MDg2OTIxNjY2MDQ5MDU= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODkwODcxODkyOTY0NDgzMzQ3MTM5NjA4MDg2OTIxNjY2MDQ5MDU=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIzhLA23tpk8ZeQUNLp0LXs&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 29

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEMb5Mj0hQ0eGJ3psA1LWpaY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 30

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMb5Mj0hQ0eGJ3psA1LWpaY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 31

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEMb5Mj0hQ0eGJ3psA1LWpaY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 32

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEMb5Mj0hQ0eGJ3psA1LWpaY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 33

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMb5Mj0hQ0eGJ3psA1LWpaY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 34

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bL2wAW-741x37OIPOLr-CW62tQB3v-BdPLcOE48Y

Request Chain 35

https://c.bing.com/c.gif?uid=89087189296448334713960808692166604905&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1498AB7B7FAD65E30269BAA07E076406

Request Chain 36

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEMb5Mj0hQ0eGJ3psA1LWpaY&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 37

https://a.tribalfusion.com/i.match?p=b13&u=89087189296448334713960808692166604905&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=89087189296448334713960808692166604905&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 39

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628476817667522585

Request Chain 40

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=89087189296448334713960808692166604905&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-AzOuw35E2pGOB_1eDtNZHLDNvuV5onP.PCQ-~A

Request Chain 41

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=89087189296448334713960808692166604905 HTTP 302
https://dpm.demdex.net/ibs:dpid=575&dpuuid=7880764155688797428

Request Chain 42

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7105822871480726692&uid=Q7105822871480726692&ref=%2Feucm%2Fp%2Fadpq HTTP 302
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7105822871480726692

Request Chain 43

https://exchange.adstanding.com/partners/aam/sync.php HTTP 302
https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Request Chain 44

https://cm.everesttech.net/cm/yh HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YshUDQAAAJ8ynANw&sigv=1&esig=1~88128b3a989ff84ab2ece9e3f3d7a012214850d8

Request Chain 45

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=mN2KoCGmTzi-Ur_SYN84zQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=89087189296448334713960808692166604905

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

https://click.member-services.ca/?qs=7983da438a25766856492b7ceaa4233404ed147313626d7937c93e8497455491493f3c2f41105eb151bf77e4c3ada552f3494313735913a2
https://myinsurance.td.com/
https://myinsurance.td.com/waw/ins/pol/
https://myinsurance.td.com/waw/ins/pol/view/portfolio/summary
https://myinsurance.td.com/waw/ins/pol/login
https://myinsurance.td.com/waw/ins/pol/application/login

4 KB
5 KB

6425ms
6424ms

Document
text/html

152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/application/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79CD) /

Resource Hash

5740482fb1002483170f23f02bd97f54cc68b7dd027df404598be4fa8b33d721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-language: en-
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 15:58:03 GMT
etag: "1654059325:dtagent102052012181015037Onn"
expires: Fri, 08 Jul 2022 15:58:03 GMT
last-modified: Wed, 01 Jun 2022 04:55:24 GMT
referrer-policy: same-origin
server: ECD (nya/79CD)
server-timing: dtRpid;desc="396217463" ,edge;dur=6407
strict-transport-security: max-age=31536000 ; includeSubDomains
traceability-id: 5d40e7d3-af29-4069-b4a0-7272caca5a8d
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-csrf-header: X-CSRF-TOKEN
x-csrf-param: _csrf
x-csrf-token: dd9514d8-f19a-41fb-b75c-20d8de201708
x-frame-options: SAMEORIGIN
x-oneagent-js-injection: true
x-tdec-version: 8.0
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-language: en-
content-length: 0
date: Fri, 08 Jul 2022 15:57:56 GMT
expires: Fri, 08 Jul 2022 15:57:57 GMT
location: https://myinsurance.td.com/waw/ins/pol/application/login
pragma: no-cache
referrer-policy: same-origin
server: ECD (nya/1C5A)
server-timing: dtRpid;desc="1225977955" ,edge;dur=5351
strict-transport-security: max-age=31536000 ; includeSubDomains
traceability-id: 80e4118d-49e6-412c-a6b2-555f76220d3c
x-content-type-options: nosniff
x-csrf-header: X-CSRF-TOKEN
x-csrf-param: _csrf
x-csrf-token: dd9514d8-f19a-41fb-b75c-20d8de201708
x-frame-options: SAMEORIGIN
x-oneagent-js-injection: true
x-tdec-version: 8.0
x-xss-protection: 1; mode=block

GET
H2 200 ruxitagentjs_ICA2Vfgjqru_10205201218101503.js Show response
myinsurance.td.com/waw/ins/pol/ 193 KB
75 KB 20ms
18ms Script
text/javascript 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://myinsurance.td.com/waw/ins/pol/ruxitagentjs_ICA2Vfgjqru_10205201218101503.js
Requested by: Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.0.240 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (nya/1C17) /
Resource Hash: 65001ac9461491d663d0e782e90ddba4a664071d9c1f1bd72a2b15d10818dcce

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://myinsurance.td.com/waw/ins/pol/application/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: ECD (nya/1C17)
age: 313
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-tdec-version: 8.0
accept-ranges: bytes
content-length: 76233
x-vdms-version: 7.8
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H2 200 launch-002840c58e1c.min.js Show response
assets.adobedtm.com/178dbd5c3653/bed0bf145e08/ 240 KB
76 KB 100ms
19ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/178dbd5c3653/bed0bf145e08/launch-002840c58e1c.min.js
Requested by: Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5ab0dbc9dff50c238aad9740ccfa32ff4948a7843d102bd14fd497c03eff0283

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 16:36:37 GMT
server: AkamaiNetStorage
etag: "36092d5584c32d7a14f7cefd733cf9fd:1646930197.573791"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 77583
expires: Fri, 08 Jul 2022 16:58:04 GMT

GET
H2 200 styles.79489eed4512c4862fb3.css
myinsurance.td.com/waw/ins/pol/application/ 493 KB
56 KB 56ms
54ms Stylesheet
text/css 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/application/styles.79489eed4512c4862fb3.css

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/1C39) /

Resource Hash

e96e5de427644bd443c7bcb22798cdafa99f48f26dd3274f31ef1335e6bb1948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://myinsurance.td.com/waw/ins/pol/application/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: ca605ac8-b589-49b1-92e9-1d10ba53082d
traceability-id: af3b7225-8235-4459-836b-a05c598d9a24
age: 27
x-cache: HIT
x-oneagent-js-injection: true
x-tdec-version: 8.0
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 57459
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: same-origin
last-modified: Fri, 17 Jun 2022 04:22:43 GMT
server: ECD (nya/1C39)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H2 200 runtime-es2015.bc3629769898bdce6cc6.js Show response
myinsurance.td.com/waw/ins/pol/application/ 4 KB
2 KB 38ms
36ms Script
text/javascript 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/application/runtime-es2015.bc3629769898bdce6cc6.js

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79BE) /

Resource Hash

ffa43d042a100593f7d0a8703d71b0425122cb51707391226d3a4b7aad60d452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myinsurance.td.com/waw/ins/pol/application/login
Origin: https://myinsurance.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: e863de61-a164-4601-9dc0-32b41fc11c24
traceability-id: 04698dd4-f15f-4351-bc08-4ef96a7f8b61
age: 97
x-cache: HIT
x-oneagent-js-injection: true
x-tdec-version: 8.0
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 1875
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: same-origin
last-modified: Fri, 17 Jun 2022 04:47:04 GMT
server: ECD (nya/79BE)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H2 200 polyfills-es2015.2e3dbe77e45df7855dc6.js Show response
myinsurance.td.com/waw/ins/pol/application/ 36 KB
12 KB 38ms
37ms Script
text/javascript 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/application/polyfills-es2015.2e3dbe77e45df7855dc6.js

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79BE) /

Resource Hash

284fa9a6361af6ebf86d85d65f97a470d2c43c2f010262049b65c30e55dc020e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myinsurance.td.com/waw/ins/pol/application/login
Origin: https://myinsurance.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: e863de61-a164-4601-9dc0-32b41fc11c24
traceability-id: f602b5da-707c-49c5-a88a-452a9c9b5bf8
age: 97
x-cache: HIT
x-oneagent-js-injection: true
x-tdec-version: 8.0
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 12411
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: same-origin
last-modified: Fri, 17 Jun 2022 04:53:08 GMT
server: ECD (nya/79BE)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H2 200 scripts.96da94fb0895a9451d2a.js Show response
myinsurance.td.com/waw/ins/pol/application/ 5 KB
3 KB 22ms
20ms Script
text/javascript 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/application/scripts.96da94fb0895a9451d2a.js

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79E9) /

Resource Hash

33406181cd2bc62744275a16f815b034849508cf8627195bdf1994015e9812b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://myinsurance.td.com/waw/ins/pol/application/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: e863de61-a164-4601-9dc0-32b41fc11c24
traceability-id: 740f64d9-3188-4eae-9bd2-d8ac8f914caf
age: 97
x-cache: HIT
x-oneagent-js-injection: true
x-tdec-version: 8.0
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 2269
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: same-origin
last-modified: Fri, 17 Jun 2022 04:36:41 GMT
server: ECD (nya/79E9)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H2 200 vendor-es2015.c4022a07fc43e7bc0352.js Show response
myinsurance.td.com/waw/ins/pol/application/ 1002 KB
264 KB 38ms
37ms Script
text/javascript 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/application/vendor-es2015.c4022a07fc43e7bc0352.js

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/78BA) /

Resource Hash

59a52868413a438a308c789de626d110647181d3fcfa79d6ba79c82c35b737a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myinsurance.td.com/waw/ins/pol/application/login
Origin: https://myinsurance.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: dc34a60f-a493-4f2e-81ab-c147d22143f2
traceability-id: ec30e23c-fb03-479e-9ff5-92ad63ea6968
age: 62
x-cache: HIT
x-oneagent-js-injection: true
x-tdec-version: 8.0
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 269726
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: same-origin
last-modified: Wed, 01 Jun 2022 06:00:53 GMT
server: ECD (nya/78BA)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H2 200 main-es2015.63b5d7fae9a69733c680.js Show response
myinsurance.td.com/waw/ins/pol/application/ 201 KB
39 KB 55ms
54ms Script
text/javascript 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/application/main-es2015.63b5d7fae9a69733c680.js

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/78BB) /

Resource Hash

99e3abc25ea1eedfea9662dfd0c367de2c6a61e664ddcbddb11e11f5e79ec747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myinsurance.td.com/waw/ins/pol/application/login
Origin: https://myinsurance.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: e863de61-a164-4601-9dc0-32b41fc11c24
traceability-id: 5b553516-962e-482d-8539-bed23d789b07
age: 97
x-cache: HIT
x-oneagent-js-injection: true
x-tdec-version: 8.0
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 39577
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: same-origin
last-modified: Wed, 01 Jun 2022 05:34:36 GMT
server: ECD (nya/78BB)
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H2 200 weblysleekuisl-webfont.66604a205b26ae0393b2.woff2
myinsurance.td.com/waw/ins/pol/application/ 21 KB
21 KB 19ms
18ms Font
application/font-woff2 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/application/weblysleekuisl-webfont.66604a205b26ae0393b2.woff2

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/styles.79489eed4512c4862fb3.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79E8) /

Resource Hash

8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myinsurance.td.com/waw/ins/pol/application/styles.79489eed4512c4862fb3.css
Origin: https://myinsurance.td.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
x-content-type-options: nosniff
x-csrf-token: cd568c88-a5f1-449e-a512-bc00ef8596e0
traceability-id: 6b3a02ff-2ed5-4b82-809a-ba9333d704ba
age: 76
x-cache: HIT
x-oneagent-js-injection: true
x-tdec-version: 8.0
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 21472
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: same-origin
last-modified: Fri, 17 Jun 2022 04:53:08 GMT
server: ECD (nya/79E8)
etag: "1655441589:dtagent102052012181015037Onn"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=31556926
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H2 200 loginInformation
myinsurance.td.com/waw/ins/pol/auth/ 1 KB
1 KB 322ms
322ms XHR
application/json 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://myinsurance.td.com/waw/ins/pol/auth/loginInformation

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/polyfills-es2015.2e3dbe77e45df7855dc6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C3) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://myinsurance.td.com/waw/ins/pol/application/login
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
x-dtpc: 24$95884523_882h2vSSEHVJMUPMFSBJPVVHRHPRDFASCKPACT-0

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
x-content-type-options: nosniff
x-csrf-token: dd9514d8-f19a-41fb-b75c-20d8de201708
traceability-id: 12c579b8-7e8d-4e90-b804-2fc901d295f7
x-oneagent-js-injection: true
x-tdec-version: 8.0
server-timing: dtRpid;desc="906164962" ,edge;dur=305
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
pragma: no-cache
referrer-policy: same-origin
server: ECD (nya/79C3)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/json; charset=UTF-8
cache-control: no-cache
expires: Fri, 08 Jul 2022 15:58:04 GMT

GET
H2 200 progress.gif
myinsurance.td.com/waw/ins/pol/application/assets/images/ 244 KB
244 KB 18ms
18ms Image
image/gif 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myinsurance.td.com/waw/ins/pol/application/assets/images/progress.gif

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.240 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (nya/79C8) /

Resource Hash

3b33dbbef875ebc92a62f032a8b8f21344a8b17cf32869cebdd4826b6add1d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://myinsurance.td.com/waw/ins/pol/application/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Fri, 08 Jul 2022 15:58:04 GMT
x-content-type-options: nosniff
x-csrf-token: a710d4f5-fc10-4115-a4b5-0846927cb193
traceability-id: 7f30decf-48a7-44c1-a239-efd77f2e4fcf
age: 48
x-cache: HIT
x-oneagent-js-injection: true
x-tdec-version: 8.0
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 249451
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: same-origin
last-modified: Fri, 17 Jun 2022 04:31:28 GMT
server: ECD (nya/79C8)
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=UTF-8
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 08 Jul 2022 15:58:03 GMT

GET
H/1.1 200
OK id
dpm.demdex.net/ 5 KB
2 KB 330ms
90ms XHR
application/json 35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1657295884740

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/polyfills-es2015.2e3dbe77e45df7855dc6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-1-v033-02e3b1d44.edge-usw2.demdex.com 13 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 4+DS1A6sSvU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://myinsurance.td.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1555
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 20ms
19ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/178dbd5c3653/bed0bf145e08/launch-002840c58e1c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Fri, 08 Jul 2022 16:58:04 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 21ms
21ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/178dbd5c3653/bed0bf145e08/launch-002840c58e1c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 08 Jul 2022 16:58:04 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 21ms
21ms Script
application/x-javascript 2600:1400:d:586::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/178dbd5c3653/bed0bf145e08/launch-002840c58e1c.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:586::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Fri, 08 Jul 2022 16:58:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 102 KB
40 KB 94ms
48ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6974241

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/178dbd5c3653/bed0bf145e08/launch-002840c58e1c.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea86dceaa5da23f816ed10467d9a0082af71c2f47b5b788ef32375723392a63f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:58:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40034
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jul 2022 15:58:04 GMT

POST
H2 200 rb_cf7d3730-9eed-4047-88c3-d0cd1e0cd529
myinsurance.td.com/waw/ins/pol/ 111 B
237 B 240ms
237ms Ping
text/plain 152.199.0.240
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://myinsurance.td.com/waw/ins/pol/rb_cf7d3730-9eed-4047-88c3-d0cd1e0cd529?type=js&session=24%244AE9E34D0E49B50C31D80D0DE9D321AE%7C9c254c041e249a45%7C1&svrid=24&flavor=post&visitID=SSEHVJMUPMFSBJPVVHRHPRDFASCKPACT-0&modifiedSince=1654009501764&referer=https%3A%2F%2Fmyinsurance.td.com%2Fwaw%2Fins%2Fpol%2Fapplication%2Flogin&app=9c254c041e249a45&crc=2243680778&end=1
Requested by: Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/ruxitagentjs_ICA2Vfgjqru_10205201218101503.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.0.240 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECD (nya/78BB) /
Resource Hash

Request headers

Referer: https://myinsurance.td.com/waw/ins/pol/application/login
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Jul 2022 15:58:05 GMT
cache-control: no-cache
expires: Fri, 08 Jul 2022 15:58:04 GMT
x-tdec-version: 8.0
server: ECD (nya/78BB)
content-length: 111
content-type: text/plain;charset=utf-8

GET
H2

200

Primary Request authorization.oauth2
authorization.td.com/as/
Redirect Chain

https://authentication.td.com/uap-ui/login-bootstrap?lang=en_CA&tsnConsumerAppId=urn:appid:WIP&consumer=dipse&client_id=ac1d3321-7783-4140-9382-687a2cd6a3b7&pfidpadapterid=uapdapter&scope=sapm.tdia...
https://authorization.td.com/as/authorization.oauth2?response_type=code&client_id=ac1d3321-7783-4140-9382-687a2cd6a3b7&pfidpadapterid=uapdapter&scope=sapm.tdia.sapi.r%20gps.ap.acc.r%20gps.ap.pol.r%...

980 B
0

369ms
355ms

Document
text/html

152.199.0.64

General

Check archive.org

Show headers Download Go to

Full URL

https://authorization.td.com/as/authorization.oauth2?response_type=code&client_id=ac1d3321-7783-4140-9382-687a2cd6a3b7&pfidpadapterid=uapdapter&scope=sapm.tdia.sapi.r%20gps.ap.acc.r%20gps.ap.pol.r%20gps.cif.prts.r%20gps.ra.affgrps.r%20docm.cmod.fldr.r%20docm.tdidocs.repo.r%20edge.pc.account.r%20edge.pc.account.w%20edge.pc.account.a%20edge.pc.policy.r%20edge.pc.policy.w%20edge.pc.policy.a%20edge.pc.quote.r%20edge.pc.quote.w%20edge.pc.quote.a%20edge.pc.claim.r%20edge.pc.claim.w%20edge.pc.claim.a%20edge.pc.none.r%20edge.pc.none.w%20edge.pc.none.a%20edge.bc.account.r%20edge.bc.account.w%20edge.bc.account.a%20edge.bc.policy.r%20edge.bc.policy.w%20edge.bc.policy.a%20edge.cc.policy.r%20edge.cc.policy.w%20edge.cc.policy.a%20edge.cc.claim.r%20edge.cc.claim.w%20edge.cc.claim.a%20gps.ap.mtv.r%20gps.ap.licv.r%20prts.cm.prtsgps.r%20astp.altr.asnp.r%20astp.altr.asnp.w%20vlet.dcc.vlet.w%20enr.tdw.prdc.r%20enr.tdw.prdc.w%20enr.dipor.enr.r&nonce=69b8583a-1378-4421-a83f-263b751e15a4&redirect_uri=https://myinsurance.td.com/waw/ins/pol/application/login&state=action:default;cxid:c7d49e50-1009-49bd-83a5-9cc210b07447

Requested by

Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/main-es2015.63b5d7fae9a69733c680.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.0.64 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://myinsurance.td.com/waw/ins/pol/application/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 980
content-type: text/html;charset=utf-8
date: Fri, 08 Jul 2022 15:58:09 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: Apache
x-frame-options: SAMEORIGIN
x-tdec-version: 6.6

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-CA
content-length: 0
date: Fri, 08 Jul 2022 15:58:09 GMT
expires: 0
location: https://authorization.td.com/as/authorization.oauth2?response_type=code&client_id=ac1d3321-7783-4140-9382-687a2cd6a3b7&pfidpadapterid=uapdapter&scope=sapm.tdia.sapi.r gps.ap.acc.r gps.ap.pol.r gps.cif.prts.r gps.ra.affgrps.r docm.cmod.fldr.r docm.tdidocs.repo.r edge.pc.account.r edge.pc.account.w edge.pc.account.a edge.pc.policy.r edge.pc.policy.w edge.pc.policy.a edge.pc.quote.r edge.pc.quote.w edge.pc.quote.a edge.pc.claim.r edge.pc.claim.w edge.pc.claim.a edge.pc.none.r edge.pc.none.w edge.pc.none.a edge.bc.account.r edge.bc.account.w edge.bc.account.a edge.bc.policy.r edge.bc.policy.w edge.bc.policy.a edge.cc.policy.r edge.cc.policy.w edge.cc.policy.a edge.cc.claim.r edge.cc.claim.w edge.cc.claim.a gps.ap.mtv.r gps.ap.licv.r prts.cm.prtsgps.r astp.altr.asnp.r astp.altr.asnp.w vlet.dcc.vlet.w enr.tdw.prdc.r enr.tdw.prdc.w enr.dipor.enr.r&nonce=69b8583a-1378-4421-a83f-263b751e15a4&redirect_uri=https://myinsurance.td.com/waw/ins/pol/application/login&state=action:default;cxid:c7d49e50-1009-49bd-83a5-9cc210b07447
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-tdec-version: 6.6
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dest5.html
td.demdex.net/ Frame A310 7 KB
3 KB 314ms
76ms Document
text/html 54.148.151.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://td.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/178dbd5c3653/bed0bf145e08/launch-002840c58e1c.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.151.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-151-110.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-1-v033-036542175.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: wso9ybj9Ri0=
content-encoding: gzip
date: Fri, 8 Jul 2022 15:58:05 GMT
last-modified: Thu, 30 Jun 2022 15:21:00 GMT
vary: accept-encoding

POST
H2 200 delivery
tdbankfinancialgroup.tt.omtrdc.net/rest/v1/ 363 B
724 B 185ms
126ms XHR
application/json 34.203.48.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tdbankfinancialgroup.tt.omtrdc.net/rest/v1/delivery?client=tdbankfinancialgroup&sessionId=c5663b0d6f124d59b75eb9d2cc0de3c8&version=2.5.0
Requested by: Host: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/application/polyfills-es2015.2e3dbe77e45df7855dc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.48.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-48-147.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Jul 2022 15:58:05 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://myinsurance.td.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 34d963102ce5cea0f0dae640250e7595

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YshUDQAAAJ8ynANw
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=89087189296448334713960808692166604905
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YshUDQAAAJ8ynANw

42 B
942 B

80ms
80ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YshUDQAAAJ8ynANw

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v033-01afcf049.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Km3fRxSrQl0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YshUDQAAAJ8ynANw
Date: Fri, 08 Jul 2022 15:58:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=213130604206311554708
dpm.demdex.net/ Frame A310
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=89087189296448334713960808692166604905
https://dpm.demdex.net/ibs:dpid=21&dpuuid=213130604206311554708

42 B
942 B

80ms
80ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=213130604206311554708

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-0e210207f.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: J264sDdkQo0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 15:58:05 GMT
via: 1.1 d873eb6ebbb9da58c373c3c3b1843e76.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR52-C2
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=213130604206311554708
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: cBlR5_Q_qyLBL4b35x9XkcXTrqd75M2DyMN3XLHRre5Xeo_BeR6Ykw==
expires: 0

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=aefc62c8-540d-4700-9a87-326127f3d2cf&ddsuuid=89087189296448334713960808692166604905
dpm.demdex.net/ Frame A310
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=89087189296448334713960808692166604905&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d89087189296448...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=aefc62c8-540d-4700-9a87-326127f3d2cf&ddsuuid=89087189296448334713960808692166604905

42 B
943 B

95ms
94ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=aefc62c8-540d-4700-9a87-326127f3d2cf&ddsuuid=89087189296448334713960808692166604905

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-050ea9eec.edge-usw2.demdex.com 18 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: HfO8UzLYQdw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 08 Jul 2022 15:58:05 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x20 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=aefc62c8-540d-4700-9a87-326127f3d2cf&ddsuuid=89087189296448334713960808692166604905
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 08 Jul 2022 15:58:04 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=6236205030853610296
dpm.demdex.net/ Frame A310
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6236205030853610296

42 B
943 B

87ms
86ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=6236205030853610296

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v033-05da06a09.edge-usw2.demdex.com 10 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MNrw9othQKA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 15:58:05 GMT
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 555.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0bb0853b-08a7-46ef-8d82-76dcba7e1e61
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=6236205030853610296
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame A310 0
718 B 108ms
25ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=89087189296448334713960808692166604905&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: d3682eda7e5cb79782b1d5475f50e8fc
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=540&dpuuid=d0e37977-98a0-4345-8796-0be2b7901eae
dpm.demdex.net/ Frame A310
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=89087189296448334713960808692...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=89087189296448334713960...
https://dpm.demdex.net/ibs:dpid=540&dpuuid=d0e37977-98a0-4345-8796-0be2b7901eae

42 B
942 B

80ms
80ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=540&dpuuid=d0e37977-98a0-4345-8796-0be2b7901eae

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v033-0c205a9ae.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JZ4GJiJ3Rus=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=540&dpuuid=d0e37977-98a0-4345-8796-0be2b7901eae
date: Fri, 08 Jul 2022 15:58:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

ibs:dpid=601&dpuuid=211854788138471&random=1657295886
dpm.demdex.net/ Frame A310
Redirect Chain

https://dp2.33across.com/ps/?pid=897&random=857285357
https://dpm.demdex.net/ibs:dpid=601&dpuuid=211854788138471&random=1657295886

42 B
942 B

80ms
80ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=601&dpuuid=211854788138471&random=1657295886

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-03bb7164b.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tRG1L4cjSug=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 15:58:05 GMT
referrer-policy: unsafe-url
server: 33XP001
x-33x-status: 200004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://dpm.demdex.net/ibs:dpid=601&dpuuid=211854788138471&random=1657295886
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEIzhLA23tpk8ZeQUNLp0LXs&google_cver=1
dpm.demdex.net/ Frame A310
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODkwODcxODkyOTY0NDgzMzQ3MTM5NjA4MDg2OTIxNjY2MDQ5MDU=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODkwODcxODkyOTY0NDgzMzQ3MTM5NjA4MDg2OTIxNjY2MDQ5MDU=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIzhLA23tpk8ZeQUNLp0LXs&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

79ms
79ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIzhLA23tpk8ZeQUNLp0LXs&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-050ea9eec.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 13AjwkoCTAU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 15:58:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIzhLA23tpk8ZeQUNLp0LXs&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame A310 43 B
354 B 127ms
43ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=89087189296448334713960808692166604905&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 7
date: Fri, 08 Jul 2022 15:58:05 GMT
server: tsa_b
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e77087019bdd4450bfd6e57c581c48fcdd8dea2ea5fdd4c182126972d612d0d3
content-length: 43

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A310
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEMb5Mj0hQ0eGJ3psA1LWpaY&google_cver=1
https://pixel.everesttech.net/1x1

128 B
796 B

24ms
24ms

Image
image/png

54.236.94.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.94.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-94-205.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 15:58:06 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 08 Jul 2022 15:58:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A310
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEM...
https://pixel.everesttech.net/1x1

128 B
691 B

23ms
23ms

Image
image/png

54.236.94.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.94.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-94-205.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 15:58:06 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 08 Jul 2022 15:58:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A310
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
https://pixel.everesttech.net/1x1

128 B
691 B

23ms
23ms

Image
image/png

54.236.94.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.94.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-94-205.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 15:58:06 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 08 Jul 2022 15:58:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A310
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
https://pixel.everesttech.net/1x1

128 B
691 B

23ms
23ms

Image
image/png

54.236.94.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.94.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-94-205.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 15:58:06 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 08 Jul 2022 15:58:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A310
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
https://pixel.everesttech.net/1x1

128 B
691 B

23ms
23ms

Image
image/png

54.236.94.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.94.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-94-205.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 15:58:06 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 08 Jul 2022 15:58:06 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=bL2wAW-741x37OIPOLr-CW62tQB3v-BdPLcOE48Y
dpm.demdex.net/ Frame A310
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bL2wAW-741x37OIPOLr-CW62tQB3v-BdPLcOE48Y

42 B
942 B

79ms
79ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bL2wAW-741x37OIPOLr-CW62tQB3v-BdPLcOE48Y

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-050ea9eec.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EpRi09fIQh0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 15:58:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bL2wAW-741x37OIPOLr-CW62tQB3v-BdPLcOE48Y
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=1498AB7B7FAD65E30269BAA07E076406
dpm.demdex.net/ Frame A310
Redirect Chain

https://c.bing.com/c.gif?uid=89087189296448334713960808692166604905&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1498AB7B7FAD65E30269BAA07E076406

42 B
942 B

83ms
82ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1498AB7B7FAD65E30269BAA07E076406

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-04756ef44.edge-usw2.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FIVLX8OxRjw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 15:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 68C1ACDD594B4CA1A0B397818FD10C74 Ref B: YTO01EDGE0708 Ref C: 2022-07-08T15:58:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=1498AB7B7FAD65E30269BAA07E076406
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/ Frame A310
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WXNoVURRQUFBSjh5bkFOdw&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
https://pixel.everesttech.net/1x1

128 B
691 B

23ms
23ms

Image
image/png

54.236.94.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Protocol: HTTP/1.1
Server: 54.236.94.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-94-205.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 15:58:07 GMT
Last-Modified: Mon, 19 Jul 2021 07:56:25 GMT
Server: Apache
ETag: "b3b51c-80-5c775461d9c40"
P3P: CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 128

Redirect headers

Location: https://pixel.everesttech.net/1x1
Date: Fri, 08 Jul 2022 15:58:07 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame A310
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=89087189296448334713960808692166604905&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=89087189296448334713960808692166604905&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
956 B

132ms
77ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-01e6a5702.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: RiDUUVyJQPk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 15:58:07 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 256
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 727a04febbc54bd7-YUL
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dpm.demdex.net/ibs:dpid=22054
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST rb_cf7d3730-9eed-4047-88c3-d0cd1e0cd529
myinsurance.td.com/waw/ins/pol/ 0
0

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3628476817667522585
dpm.demdex.net/ Frame A310
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628476817667522585

42 B
942 B

79ms
79ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628476817667522585

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v033-057cdce54.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: z2Hm2F7iQHg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 15:58:06 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628476817667522585
cache-control: private
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
expires: 0,Sat, 09 Jul 2022 11:58:07 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame A310
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=89087189296448334713960808692166604905&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-AzOuw35E2pGOB_1eDtNZHLDNvuV5onP.PCQ-~A

42 B
942 B

147ms
78ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-AzOuw35E2pGOB_1eDtNZHLDNvuV5onP.PCQ-~A

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-08ce28113.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GTTSv743TD0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Fri, 08 Jul 2022 15:58:07 GMT
via: http/1.1 spdc0104.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-AzOuw35E2pGOB_1eDtNZHLDNvuV5onP.PCQ-~A
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=575&dpuuid=7880764155688797428
dpm.demdex.net/ Frame A310
Redirect Chain

https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=89087189296448334713960808692166604905
https://dpm.demdex.net/ibs:dpid=575&dpuuid=7880764155688797428

42 B
942 B

88ms
86ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=575&dpuuid=7880764155688797428

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v033-0ba5120b0.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 9zEPtLF9SL8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 08 Jul 2022 15:58:06 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp6.us1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://dpm.demdex.net/ibs:dpid=575&dpuuid=7880764155688797428
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H/1.1

200
OK

ibs:dpid=53196&dpuuid=Q7105822871480726692
dpm.demdex.net/ Frame A310
Redirect Chain

https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7105822871480726692&uid=Q7105822871480726692&ref=%2Feucm%2Fp%2Fadpq
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7105822871480726692

42 B
942 B

86ms
86ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7105822871480726692

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-0f2ba4a69.edge-usw2.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 0I0SzlpeTuI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Fri, 08 Jul 2022 15:58:07 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7105822871480726692
Cache-Control: max-age=31089
Connection: keep-alive
Content-Type: text/html
Content-Length: 154

GET
H/1.1

200
OK

ibs:dpid=59982&dpuuid=
dpm.demdex.net/ Frame A310
Redirect Chain

https://exchange.adstanding.com/partners/aam/sync.php
https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

42 B
960 B

78ms
77ms

Image
image/gif

35.155.39.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Protocol

HTTP/1.1

Server

35.155.39.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-39-212.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v033-0797fbb5a.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,300
X-TID: 7hm2o9b5T00=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Fri, 08 Jul 2022 15:58:07 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=59982&dpuuid=
cache-control: no-store
expires: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame A310
Redirect Chain

https://cm.everesttech.net/cm/yh
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YshUDQAAAJ8ynANw&sigv=1&esig=1~88128b3a989ff84ab2ece9e3f3d7a012214850d8

0
194 B

99ms
30ms

Image
text/plain

2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YshUDQAAAJ8ynANw&sigv=1&esig=1~88128b3a989ff84ab2ece9e3f3d7a012214850d8

Protocol

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:58:07 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=YshUDQAAAJ8ynANw&sigv=1&esig=1~88128b3a989ff84ab2ece9e3f3d7a012214850d8
Date: Fri, 08 Jul 2022 15:58:07 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame A310
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=mN2KoCGmTzi-Ur_SYN84zQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=89087189296448334713960808692166604905

43 B
556 B

31ms
30ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=89087189296448334713960808692166604905

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://td.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Jul 2022 15:58:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N9VFYQ2D9VDETQV5Z0NE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-1-v033-01133246a.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Og4xb6SsTgc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=89087189296448334713960808692166604905
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: myinsurance.td.com
URL: https://myinsurance.td.com/waw/ins/pol/rb_cf7d3730-9eed-4047-88c3-d0cd1e0cd529?type=js&session=24%244AE9E34D0E49B50C31D80D0DE9D321AE%7C9c254c041e249a45%7C1&svrid=24&flavor=post&visitID=SSEHVJMUPMFSBJPVVHRHPRDFASCKPACT-0&modifiedSince=1654009501764&referer=https%3A%2F%2Fmyinsurance.td.com%2Fwaw%2Fins%2Fpol%2Fapplication%2Flogin&app=9c254c041e249a45&crc=1726971543&end=1

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
myinsurance.td.com/waw/ins/pol	1969-12-31 23:59:59	Name: JSESSIONID Value: JFzfnEJqP7OGDc7Ae4kNVDbUDDz8KQBMsLMiwYUy.dipse-bsoc1-qo09bg_0000
myinsurance.td.com/waw/ins	1970-01-20 04:21:39	Name: TD-persist Value: SOCA
.td.com/	1969-12-31 23:59:59	Name: dtCookie Value: 24$4AE9E34D0E49B50C31D80D0DE9D321AE\|9c254c041e249a45\|1
myinsurance.td.com/	1969-12-31 23:59:59	Name: BIGipServerSOCA-DIPSE-myinsurance.td.com-ins-App-https_pool Value: 2933554698.64288.0000
myinsurance.td.com/	1969-12-31 23:59:59	Name: BIGipServerSOCA-DIPSE-myinsurance.td.com-ins-https_pool Value: 3759635978.47873.0000
.td.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 165729588452552OBEJ1PB9NA3TEKSOJNNBPQ6KFV1GC6
.td.com/	1969-12-31 23:59:59	Name: dtLatC Value: 4312
.td.com/	1969-12-31 23:59:59	Name: at_check Value: true
.td.com/	1969-12-31 23:59:59	Name: rxvt Value: 1657297684881\|1657295884527
.td.com/	1970-01-20 06:31:11	Name: _gcl_au Value: 1.1.1036656929.1657295885
.td.com/	1969-12-31 23:59:59	Name: dtPC Value: 24$95884523_882h2vSSEHVJMUPMFSBJPVVHRHPRDFASCKPACT-0
.td.com/	1969-12-31 23:59:59	Name: dtSa Value: false%7Cxhr%7C2%7Cg12.1.5%7Cg12.1.5%7C1657295884720%7C95884523_882%7Chttps%3A%2F%2Fmyinsurance.td.com%2Fwaw%2Fins%2Fpol%2Fapplication%2Flogin%7CMy%20Insurance%20%2F%20Mon%20Assurance%7C1657295884523%7C%7C
.demdex.net/	1970-01-20 08:40:47	Name: demdex Value: 89087189296448334713960808692166604905
.td.com/	1969-12-31 23:59:59	Name: AMCVS_A783776A5245B1E50A490D44%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 13:07:11	Name: everest_g_v2 Value: g_surferid~YshUDQAAAJ8ynANw
.dpm.demdex.net/	1970-01-20 08:40:47	Name: dpm Value: 89087189296448334713960808692166604905
.td.com/	1970-01-20 21:54:14	Name: AMCV_A783776A5245B1E50A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19182%7CMCMID%7C89174228205352295813932965052485676635%7CMCAAMLH-1657900685%7C9%7CMCAAMB-1657900685%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1657303085s%7CNONE%7CMCSYNCSOP%7C411-19189%7CvVersion%7C5.2.0
.td.com/	1970-01-20 21:55:40	Name: mbox Value: session#c5663b0d6f124d59b75eb9d2cc0de3c8#1657297745\|PC#c5663b0d6f124d59b75eb9d2cc0de3c8.34_0#1720540686
.td.com/	1970-01-20 05:04:47	Name: s_nr30 Value: 1657295885280-New
.agkn.com/	1970-01-20 13:07:11	Name: ab Value: 0001%3AIX4RCGoL8dSKtTkgLkjcXS1jt3jVItBn
.mathtag.com/	1970-01-20 13:47:31	Name: uuid Value: aefc62c8-540d-4700-9a87-326127f3d2cf
.adnxs.com/	1970-01-20 06:31:11	Name: uuid2 Value: 6236205030853610296
.rubiconproject.com/	1970-01-20 13:07:11	Name: khaos Value: L5CN6HO7-1V-9MY2
.rubiconproject.com/	1970-01-20 13:07:11	Name: audit Value: 1\|D0qY7nnPyMTKbVPEkdJmNyVMGSrLaN1ZNCht7XZzL1geECEUBMheipRxWkssHytv24T1Zb9xqxZBK03vAHceEOzJ7rckCi5uiPZZGmc3lbvrR46zSXTJw3X9LX2B+aibuZ8pG6N1OLFNbdFedpkmv7lPjJ0g5v0D5cmAxi7+9V1o8946LEpae9kIb4G5wtpyAWUOhSrDlPzc6UO785F0Pw==
.tapad.com/	1970-01-20 05:47:59	Name: TapAd_TS Value: 1657295885864
.tapad.com/	1970-01-20 05:47:59	Name: TapAd_DID Value: d0e37977-98a0-4345-8796-0be2b7901eae
.tapad.com/	1970-01-20 05:47:59	Name: TapAd_3WAY_SYNCS Value:
.33across.com/	1970-01-20 13:07:11	Name: 33x_ps Value: u%3D211854788138471%3As1%3D1657295886007%3Ats%3D1657295886007
.doubleclick.net/	1970-01-20 21:52:47	Name: IDE Value: AHWqTUn8tYru4SsxNYM-MeXEj5wONCsbqzRi5Wdc0_rwWBlDDw8jNyYkE-juaQohE0Y
.twitter.com/	1970-01-20 21:52:47	Name: personalization_id Value: "v1_/nKX5LqYjoD+iSWqp5JHoQ=="
.everesttech.net/	1970-01-20 05:06:14	Name: ev_sync_ax Value: 20220708
.everesttech.net/	1969-12-31 23:59:59	Name: everest_session_v2 Value: YshUDgAAAabV@hNW
.quantserve.com/	1970-01-20 06:31:11	Name: d Value: EIQBDAHIJrmvYA
.quantserve.com/	1970-01-20 13:51:50	Name: mc Value: 62c8540e-c16b5-049f9-03df8
.bing.com/	1970-01-20 13:43:11	Name: MUID Value: 1498AB7B7FAD65E30269BAA07E076406
.c.bing.com/	1970-01-20 04:31:40	Name: MR Value: 0
.ml314.com/	1970-01-20 13:07:11	Name: pi Value: 3628476817667522585
.tribalfusion.com/	1970-01-20 06:31:11	Name: ANON_ID Value: apnr6iRkP6j6eCno77TiZd0vBfZb2NsLgRGYMTHfDo9r1OGeSUF2Idh1RnQEMlyiSZbMdQHtIQ3
.yahoo.com/	1970-01-20 13:07:33	Name: A3 Value: d=AQABBA9UyGICEPTNKFOtG6Uhi3UIAN0GwioFEgEBAQGlyWLSYgAAAAAA_eMAAA&S=AQAAApn9L9UH_rfEPNgR-CSsI9Q
.owneriq.net/	1970-01-20 21:52:47	Name: si Value: Q7105822871480726692
.owneriq.net/	1970-01-20 04:35:59	Name: p2 Value: adpq
.everesttech.net/	1970-01-20 05:06:14	Name: ev_sync_yh Value: 20220708
.demdex.net/	1970-01-20 08:40:47	Name: dextp Value: 21-1-1657295885414\|269-1-1657295885515\|358-1-1657295885616\|481-1-1657295885717\|540-1-1657295885819\|601-1-1657295885920\|771-1-1657295886021\|1123-1-1657295886122\|1083-1-1657295886223\|1085-1-1657295886324\|1086-1-1657295886425\|1087-1-1657295886526\|1088-1-1657295886627\|1175-1-1657295886728\|1957-1-1657295886828\|19913-1-1657295886929\|22054-1-1657295887030\|22052-1-1657295887131\|30646-1-1657295887232\|575-1-1657295887333\|53196-1-1657295887434\|59982-1-1657295887535\|83349-1-1657295887636\|139200-1-1657295887737
.amazon-adsystem.com/	1970-01-20 10:46:04	Name: ad-id Value: A-khq4N6p0XLgf42B6eNhXo
.amazon-adsystem.com/	1970-01-22 02:13:26	Name: ad-privacy Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aa.agkn.com
ads.yahoo.com
analytics.twitter.com
assets.adobedtm.com
authentication.td.com
authorization.td.com
c.bing.com
click.member-services.ca
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dp2.33across.com
dpm.demdex.net
exchange.adstanding.com
fei.pro-market.net
ib.adnxs.com
ml314.com
myinsurance.td.com
pixel.everesttech.net
pixel.quantserve.com
pixel.tapad.com
px.owneriq.net
s.amazon-adsystem.com
s.tribalfusion.com
sync.mathtag.com
td.demdex.net
tdbankfinancialgroup.tt.omtrdc.net
token.rubiconproject.com
www.googletagmanager.com
myinsurance.td.com
104.244.42.67
107.178.246.49
13.111.216.93
142.250.80.34
143.204.146.35
152.199.0.240
152.199.0.64
2001:4998:14:800::1001
216.200.232.249
23.3.125.39
2600:1400:d:586::1e80
2600:1901:0:8eee::
2606:4700:4400::ac40:98f5
2607:f8b0:4006:80b::2008
2620:116:800b:21:a021:b886:81cc:55cf
2620:1ec:c11::200
34.111.234.236
34.203.48.147
34.238.212.152
35.155.39.212
44.205.34.96
52.46.151.131
54.148.151.110
54.236.94.205
67.202.105.24
68.67.181.202
69.173.151.100
76.13.32.147
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
284fa9a6361af6ebf86d85d65f97a470d2c43c2f010262049b65c30e55dc020e
33406181cd2bc62744275a16f815b034849508cf8627195bdf1994015e9812b6
3b33dbbef875ebc92a62f032a8b8f21344a8b17cf32869cebdd4826b6add1d28
5740482fb1002483170f23f02bd97f54cc68b7dd027df404598be4fa8b33d721
59a52868413a438a308c789de626d110647181d3fcfa79d6ba79c82c35b737a8
5ab0dbc9dff50c238aad9740ccfa32ff4948a7843d102bd14fd497c03eff0283
65001ac9461491d663d0e782e90ddba4a664071d9c1f1bd72a2b15d10818dcce
8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f
99e3abc25ea1eedfea9662dfd0c367de2c6a61e664ddcbddb11e11f5e79ec747
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e96e5de427644bd443c7bcb22798cdafa99f48f26dd3274f31ef1335e6bb1948
ea86dceaa5da23f816ed10467d9a0082af71c2f47b5b788ef32375723392a63f
ffa43d042a100593f7d0a8703d71b0425122cb51707391226d3a4b7aad60d452

authorization.td.com Open in urlscan Pro 152.199.0.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

49 %HTTPS

25 %IPv6

24 Domains

30 Subdomains

13 IPs

1 Countries

886 kBTransfer

2622 kBSize

45 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

authorization.td.com Open in urlscan Pro
152.199.0.64 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

49 %
HTTPS

25 %
IPv6

24
Domains

30
Subdomains

13
IPs

1
Countries

886 kB
Transfer

2622 kB
Size

45
Cookies

47 HTTP transactions
0 data transactions