card-selector.td.com Open in urlscan Pro
152.199.16.226  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://cm.everesttech.net/cm/dd?d_uuid=70278067664376496140301619823413399953 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5mJ2AAAAFAnCQNn

Request Chain 31

• https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=70278067664376496140301619823413399953 HTTP 302
• https://dpm.demdex.net/ibs:dpid=21&dpuuid=216593104365000838527

Request Chain 36

• https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=70278067664376496140301619823413399953&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d70278067664376496140301619823413399953 HTTP 302
• https://dpm.demdex.net/ibs:dpid=269&dpuuid=78b26399-89d8-4e00-a479-139bdaad0741&ddsuuid=70278067664376496140301619823413399953

Request Chain 37

• https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
• https://dpm.demdex.net/ibs:dpid=358&dpuuid=1091843182379819389

Request Chain 39

• https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=70278067664376496140301619823413399953 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=70278067664376496140301619823413399953 HTTP 302
• https://dpm.demdex.net/ibs:dpid=540&dpuuid=1dbdce38-b1aa-43b6-ae40-e070294427d5

Request Chain 41

• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzAyNzgwNjc2NjQzNzY0OTYxNDAzMDE2MTk4MjM0MTMzOTk5NTM= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzAyNzgwNjc2NjQzNzY0OTYxNDAzMDE2MTk4MjM0MTMzOTk5NTM=&google_tc= HTTP 302
• https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAdI6ZEF1lABiYEolc3C_YA&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 44

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEHbvouMnTcrmJNlp2Awu7gU&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 45

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEHbvouMnTcrmJNlp2Awu7gU&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 49

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESEHbvouMnTcrmJNlp2Awu7gU&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 53

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESEHbvouMnTcrmJNlp2Awu7gU&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 55

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEHbvouMnTcrmJNlp2Awu7gU&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 60

• https://5322602.fls.doubleclick.net/activityi;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=343410983.1671006681;u1=70540151229416639960309831124219332515;u7=;~oref=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada HTTP 302
• https://5322602.fls.doubleclick.net/activityi;dc_pre=COHtr_3Y-PsCFQfPGQodJSQBXQ;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=343410983.1671006681;u1=70540151229416639960309831124219332515;u7=;~oref=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada

Request Chain 61

• https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=HB-5txIV5LcHFLe3ExituhMVsrsHGOHtTE8qZlhl

Request Chain 62

• https://c.bing.com/c.gif?uid=70278067664376496140301619823413399953&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3E47917D3A0B6E1D25E883073BA76F7A

Request Chain 64

• https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
• https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEHbvouMnTcrmJNlp2Awu7gU&google_cver=1 HTTP 302
• https://pixel.everesttech.net/1x1

Request Chain 72

• https://a.tribalfusion.com/i.match?p=b13&u=70278067664376496140301619823413399953&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b13&u=70278067664376496140301619823413399953&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
• https://dpm.demdex.net/ibs:dpid=22054

Request Chain 76

• https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
• https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3632157280899170464

Request Chain 79

• https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=70278067664376496140301619823413399953&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TWbp8CNE2pGsdHIzpqNfxbXsQOsRz9mpHOk-~A

Request Chain 81

• https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=70278067664376496140301619823413399953 HTTP 302
• https://dpm.demdex.net/ibs:dpid=575&dpuuid=8258321633469287016

Request Chain 86

• https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
• https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7242930821723160165&uid=Q7242930821723160165&ref=%2Feucm%2Fp%2Fadpq HTTP 302
• https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 87

• https://exchange.adstanding.com/partners/aam/sync.php HTTP 302
• https://dpm.demdex.net/ibs:dpid=59982&dpuuid=

Request Chain 88

• https://cm.everesttech.net/cm/yh HTTP 302
• https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y5mJ2AAAAFAnCQNn&sigv=1&esig=1~7654e8733e140865985efcc49a9b1da67636dc5f

Request Chain 89

• https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
• https://dpm.demdex.net/ibs:dpid=139200&dpuuid=i2FbYOX0QT-5oxmGHY8g8A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=70278067664376496140301619823413399953

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request restofcanada Show response card-selector.td.com/en/	5 KB 5 KB	677ms 202ms	Document text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash b0e57bc66389475d6dc5aa46ad7a832b599444c0667099d9480f07afbd76b067 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=0 content-length 4830 content-type text/html;charset=UTF-8 date Wed, 14 Dec 2022 08:31:18 GMT last-modified Wed, 14 Dec 2022 08:31:18 GMT server Apache strict-transport-security max-age=63072000; includeSubdomains; max-age=63072000; includeSubdomains; x-frame-options SAMEORIGIN
GET H2	200	Bootstrap.js Show response nexus.ensighten.com/tdb/global-privacy-prod/	306 KB 66 KB	152ms 48ms	Script application/javascript	18.66.2.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-46.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash c66288ed81cac4fa656bdc0f0fa997ab9a19d901660d293b10de4afe98dbcf1e Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 30 Nov 2022 09:22:28 GMT x-amz-version-id BTmuahraBiBXbd6HK6Fmcn0uuNwmcnbI content-encoding br via 1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront) x-amz-cf-pop TXL50-P1 age 1206532 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 28 Oct 2022 16:43:04 GMT server AmazonS3 etag W/"1372613bffcc1a5d8ba808910efb4ade" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=300 x-amz-cf-id o_CeMqzozBSdZ3DR4s-Z_uGphy4Hks1SeUM61rnDG8cH3lBnfBKScQ==
GET H2	200	launch-ef6ca0bda610.min.js Show response assets.adobedtm.com/178dbd5c3653/d12ba3746548/	374 KB 115 KB	178ms 39ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/178dbd5c3653/d12ba3746548/launch-ef6ca0bda610.min.js Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash b21416a1ce2d30bf447e8ab814f360b64b354cacd48bb272a74b6377a35feade Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT content-encoding gzip last-modified Mon, 30 May 2022 13:11:40 GMT server AkamaiNetStorage etag "89b0a27e6f7c67d05b157c009cd5f077:1653916300.57867" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://card-selector.td.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 117644 expires Wed, 14 Dec 2022 09:31:19 GMT
GET H2	200	html5shim.js Show response card-selector.td.com/assets/js/	1 KB 1 KB	266ms 264ms	Script application/javascript	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/js/html5shim.js?42 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 88cb366a2406b95b51ad287670cbe4fbdc9839d32297b93a696c288544474f4a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/en/restofcanada User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:18 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Wed, 28 Sep 2022 20:40:06 GMT server Apache x-frame-options SAMEORIGIN content-type application/javascript;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 1131 expires Thu, 15 Dec 2022 08:31:18 GMT
GET H2	200	ccs.css card-selector.td.com/assets/css/	328 KB 48 KB	230ms 229ms	Stylesheet text/css	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/css/ccs.css?v1104 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash d8055c37be51433aef5a81980a27bed232decc69cda900bd096d7cf294878d7c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/en/restofcanada User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:18 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubdomains; last-modified Fri, 28 Oct 2022 17:51:36 GMT server Apache vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate accept-ranges bytes content-length 49156 expires Fri, 09 Dec 2022 05:38:02 GMT
GET H2	200	emerald10.css card-selector.td.com/assets/css/	254 KB 32 KB	192ms 191ms	Stylesheet text/css	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/css/emerald10.css?v1104 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 6bfeb9f09e25e1202f4b4bfa058fbf5f70717c5e2f537f9d592d70459ab8ca26 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/en/restofcanada User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:18 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubdomains; last-modified Mon, 19 Oct 2020 20:01:35 GMT server Apache vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate accept-ranges bytes content-length 32591 expires Mon, 04 Jul 2022 16:46:45 GMT
GET H2	200	locator.css card-selector.td.com/assets/css/	13 KB 2 KB	229ms 228ms	Stylesheet text/css	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/css/locator.css?v1104 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 6990f908449d0a967c698f00d9817451dfb0052cb01f39856359d822cc66e6e9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/en/restofcanada User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:18 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubdomains; last-modified Tue, 05 May 2020 12:08:18 GMT server Apache vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate accept-ranges bytes content-length 2234 expires Thu, 07 Jul 2022 01:47:43 GMT
GET H2	200	emerald.js Show response card-selector.td.com/assets/js/	416 KB 416 KB	228ms 228ms	Script application/javascript	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/js/emerald.js?v1104 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 9fa4809011b07fccccfa96f6b8ca906e57355a85d186104606ef1d8eaa996cae Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/en/restofcanada User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:18 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Wed, 28 Sep 2022 20:40:17 GMT server Apache x-frame-options SAMEORIGIN content-type application/javascript;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 425640 expires Thu, 15 Dec 2022 08:31:18 GMT
GET H2	200	ccs.js Show response card-selector.td.com/assets/js/	74 KB 74 KB	198ms 198ms	Script application/javascript	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/js/ccs.js?v1104 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash eb4cb542f3fb2a7ae78d3b022213e928c73e6fa586754042d3bc3d11ddc68f2f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains;, max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/en/restofcanada User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:18 GMT strict-transport-security max-age=63072000; includeSubdomains;, max-age=63072000; includeSubdomains; last-modified Wed, 14 Dec 2022 08:31:18 GMT server Apache x-frame-options SAMEORIGIN content-type application/javascript;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, public, max-age=0 content-length 75712
GET H2	200	locator.js Show response card-selector.td.com/assets/js/	15 KB 15 KB	266ms 266ms	Script application/javascript	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/js/locator.js?v1104 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 4ca177b789543e3a63008e1918e1455c2966c93835cce587f496ad13829edefa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains;, max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/en/restofcanada User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:18 GMT strict-transport-security max-age=63072000; includeSubdomains;, max-age=63072000; includeSubdomains; last-modified Wed, 14 Dec 2022 08:31:18 GMT server Apache x-frame-options SAMEORIGIN content-type application/javascript;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, public, max-age=0 content-length 15662
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 86 KB	139ms 37ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Tue, 13 Dec 2022 16:18:20 GMT x-content-type-options nosniff age 58379 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86927 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Dec 2023 16:18:20 GMT
GET H2	200	serverComponent.php Show response nexus.ensighten.com/tdb/global-privacy-prod/	290 B 594 B	53ms 53ms	Script text/javascript	18.66.2.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/tdb/global-privacy-prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/tdb/global-privacy-prod/code/&publishedOn=Fri%20Oct%2028%2016:42:58%20GMT%202022&ClientID=822&PageID=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-46.txl50.r.cloudfront.net Software nginx / Resource Hash 0c23a26b9c61ab58d283cc9df3c9291ae37a233f2164a0d0f7e2ae7720fcb3c9 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT via 1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront) server nginx x-amz-cf-pop TXL50-P1 x-cache Miss from cloudfront content-type text/javascript cache-control no-cache, no-store content-length 290 x-amz-cf-id sjWGIeE7gWGpm3q4vTbD_NM1nyS8_t6r3h7OCxEg3WcQsJlHGuLa4g== expires Wed, 14 Dec 2022 08:31:18 GMT
GET H2	200	css fonts.googleapis.com/	1 KB 898 B	136ms 46ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/assets/css/ccs.css?v1104 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 14 Dec 2022 08:31:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 14 Dec 2022 07:16:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 14 Dec 2022 08:31:19 GMT
GET H/1.1	200 OK	id Show response dpm.demdex.net/	5 KB 2 KB	260ms 58ms	XHR application/json	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A783776A5245B1E50A490D44%40AdobeOrg&d_nsid=0&ts=1671006679597 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash 301555f90ad543bdebeb501f724288b4bb77d7980722a0011f15f4440fa732c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://card-selector.td.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-1-v045-078a58cff.edge-irl1.demdex.com 3 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID GXMx83KWTj8= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://card-selector.td.com Content-Type application/json;charset=utf-8 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1558 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	AppMeasurement.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	33 KB 12 KB	39ms 39ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers unused62 8096267 date Wed, 14 Dec 2022 08:31:19 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://card-selector.td.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 12163 expires Wed, 14 Dec 2022 09:31:19 GMT
GET H2	200	AppMeasurement_Module_ActivityMap.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	3 KB 2 KB	41ms 40ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers unused62 8096267 date Wed, 14 Dec 2022 08:31:19 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "2d1382c349d480b6b41574ac0c1af066:1644856531.739514" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://card-selector.td.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 1597 expires Wed, 14 Dec 2022 09:31:19 GMT
GET H2	200	AppMeasurement_Module_AudienceManagement.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	25 KB 9 KB	41ms 41ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers unused62 8096267 date Wed, 14 Dec 2022 08:31:19 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "26a8cd142b539700557eb4710c3d56bd:1644856531.982003" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://card-selector.td.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 8753 expires Wed, 14 Dec 2022 09:31:19 GMT
GET H2	200	9435ec3a22107a5de386c34a4a3c0390.js Show response nexus.ensighten.com/tdb/global-privacy-prod/code/	23 KB 5 KB	44ms 44ms	Script application/javascript	18.66.2.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nexus.ensighten.com/tdb/global-privacy-prod/code/9435ec3a22107a5de386c34a4a3c0390.js?conditionId0=4835611 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-46.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 75edbd13b37df3afb2a16d2ff785ffc101f903f74ee703f2484ab0cddf8a2194 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Thu, 01 Dec 2022 15:12:51 GMT x-amz-version-id K_c1ONUns.WCierldHmlIpn453h_K0XN content-encoding br via 1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront) x-amz-cf-pop TXL50-P1 age 1099109 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 28 Oct 2022 16:43:04 GMT server AmazonS3 etag W/"bd04365228e182f659c7704fcb71a998" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=315360000 x-amz-cf-id fMYpwsntRJl69q0Z-MPz8LGiXGLcfQ5kLgvRVrct-USmf0TnGkPQyg==
GET H2	200	weblysleekuisl-webfont.woff2 card-selector.td.com/assets/fonts/	21 KB 21 KB	37ms 37ms	Font application/font-woff2	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/fonts/weblysleekuisl-webfont.woff2 Requested by Host: card-selector.td.com URL: https://card-selector.td.com/assets/css/ccs.css?v1104 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECD (frb/675F) / Resource Hash 8adf7be5e4b8e09896eb13e9eaa409a3bcf7d35a096c858127816cd520d8b13f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Referer https://card-selector.td.com/assets/css/ccs.css?v1104 Origin https://card-selector.td.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Tue, 31 Mar 2020 04:13:25 GMT server ECD (frb/675F) age 309 x-frame-options SAMEORIGIN x-cache HIT content-type application/font-woff2 cache-control max-age=86400, private, must-revalidate, proxy-revalidate accept-ranges bytes content-length 21472 expires Sat, 20 Feb 2021 03:03:30 GMT
GET H2	204	1.gif nexus.ensighten.com/privacy/v1/c/	0 268 B	46ms 45ms	Image text/plain	18.66.2.46 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://nexus.ensighten.com/privacy/v1/c/1.gif?n=3&c=822&i=8qhcun&p=global-privacy-prod&d=N4IgbgpgTgzglgewHYgFwgIwDoAMuQA0IA5gIYAuEA7qQJ5ogBMWAzKyzoSAMYA2cEJOQCSAEzQAORoyJ8BQgHKkAthAblRAIy4AHAK6b+MABYAFCsYbFeCTaV4BaHVDhhS3Wk6gJxRZT7V0KmM4SiNyLm4EBABrARg0UAAVABEAIQB9AFEFAGVhAHEACSScjNMAJWEANQBBAGEATXLoGGR7OAAvCkQUdE4iVMyc-OLShXKquqaMpJCoUXMocnp+kABfIlEI1AwANgB2DBwcPcOATgPpIhgIcnI4JGIE1FB-UXsGQUooZzhbriCMBwbxIVRCBimAz8bgAAnqpCQpA+XFEEAAZqQ9LxyC9QKZWu1+N0Hsg0BhBvNFqRlqsMOtNiAIJAhC8ANqgZnfBhRWICerGRHECC+EDbcmHY6nC5XGQgOYg6m0hicdYAXXWQA Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-46.txl50.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT via 1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront) server nginx x-amz-cf-pop TXL50-P1 x-cache Miss from cloudfront cache-control no-cache, no-store x-amz-cf-id ksTHGO6fehFlKJJOEJ1zatgSqxMiylm_iGv8hsekNLLxFOEdUA66aQ== expires Wed, 14 Dec 2022 08:31:18 GMT
GET H2	204	e.gif nexus.ensighten.com/error/	0 249 B	29ms 29ms	Image text/plain	18.66.2.46 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20properties%20of%20undefined%20(reading%20%27replace%27)&lnn=-1&fn=&cid=822&client=tdb&publishPath=global-privacy-prod&rid=3741954&did=513941&errorName=TypeError Requested by Host: card-selector.td.com URL: https://card-selector.td.com/en/restofcanada Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-46.txl50.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 00:24:41 GMT via 1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop TXL50-P1 age 29198 x-cache Hit from cloudfront cache-control no-cache, no-store x-amz-cf-id sFDglnxucT1ocRkzOV7pMNrr6mbCV_-1OV9WLfAnzzHyOejiN0ey0A==
GET H2	200	app.component.html Show response card-selector.td.com/app/	413 B 493 B	193ms 192ms	XHR text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/app/app.component.html Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 1a283c2cd45d8b65dced167c6faaa52126498048c03b28f84f3f0f3e36c6f6c9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Wed, 21 Jul 2021 14:01:55 GMT server Apache x-frame-options SAMEORIGIN content-type text/html;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 413 expires Thu, 15 Dec 2022 08:31:19 GMT
GET H/1.1	200 OK	dest5.html Show response td.demdex.net/ Frame 3968	7 KB 3 KB	245ms 56ms	Document text/html	34.247.60.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://td.demdex.net/dest5.html?d_nsid=0 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.247.60.250 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-247-60-250.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://card-selector.td.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 2791 Content-Type text/html;charset=UTF-8 DCS dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID 30Si2zV5TRI= content-encoding gzip date Wed, 14 Dec 2022 08:31:20 GMT last-modified Fri, 28 Oct 2022 11:02:57 GMT vary accept-encoding
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=Y5mJ2AAAAFAnCQNn dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=70278067664376496140301619823413399953 https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5mJ2AAAAFAnCQNn	42 B 942 B	57ms 57ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5mJ2AAAAFAnCQNn Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-017f03edc.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID MeEf+rFSSss= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5mJ2AAAAFAnCQNn Date Wed, 14 Dec 2022 08:31:20 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	200	delivery Show response tdbankfinancialgroup.tt.omtrdc.net/rest/v1/	363 B 727 B	206ms 67ms	XHR application/json	3.248.149.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tdbankfinancialgroup.tt.omtrdc.net/rest/v1/delivery?client=tdbankfinancialgroup&sessionId=10a54c498f7743bdb7d4fc07b336b426&version=2.8.2 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.149.196 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-149-196.eu-west-1.compute.amazonaws.com Software / Resource Hash 9343a239b0ecb1f0569c07511413ed1e923c4abd1a3707ac62f36c4a3ee066d5 Request headers Referer https://card-selector.td.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Content-Type text/plain Response headers date Wed, 14 Dec 2022 08:31:20 GMT content-encoding gzip accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List vary origin,access-control-request-method,access-control-request-headers,accept-encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://card-selector.td.com access-control-allow-credentials true timing-allow-origin * x-request-id 052fee90fd688db2f829f559dbf3b290
GET H2	200	header.html Show response card-selector.td.com/app/wrapper/	2 KB 2 KB	202ms 201ms	XHR text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/app/wrapper/header.html Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 3e6cfb95861a26e37d301cd1128db9e920e9ecf9fbb7ebebac6e97a3e766718b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Mon, 01 Mar 2021 21:02:39 GMT server Apache x-frame-options SAMEORIGIN content-type text/html;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 2259 expires Thu, 15 Dec 2022 08:31:19 GMT
GET H2	200	message.component.html Show response card-selector.td.com/app/locator/	1 KB 1 KB	214ms 214ms	XHR text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/app/locator/message.component.html Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 6477b128958de776a5d2fd6580cdffe6d5de57b12b9d4dd781d3395caa2c8ad3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Wed, 09 Dec 2020 21:24:21 GMT server Apache x-frame-options SAMEORIGIN content-type text/html;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 1078 expires Thu, 15 Dec 2022 08:31:19 GMT
GET H2	200	footer.html Show response card-selector.td.com/app/wrapper/	2 KB 2 KB	195ms 195ms	XHR text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/app/wrapper/footer.html Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 16a5b1dcdc5afcced143cb32293d915a26696f2b9f1f8a28647853f2cc36eef4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Thu, 26 Nov 2020 16:04:02 GMT server Apache x-frame-options SAMEORIGIN content-type text/html;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 2179 expires Thu, 15 Dec 2022 08:31:19 GMT
GET H2	200	selector.component.html Show response card-selector.td.com/app/locator/	6 KB 6 KB	194ms 194ms	XHR text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/app/locator/selector.component.html Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash ccc498c280d6ad51fa09f69474bb4707268aa7baf4b1d998970fc0bd714923cf Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Tue, 05 May 2020 12:09:04 GMT server Apache x-frame-options SAMEORIGIN content-type text/html;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 6592 expires Thu, 15 Dec 2022 08:31:19 GMT
GET H2	200	overlay.component.html Show response card-selector.td.com/app/overlay/	522 B 578 B	195ms 195ms	XHR text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/app/overlay/overlay.component.html Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 598953b410ad70bc46db2669cfbe452f0989f007dfd53ac8f1b92efb5e16ce5f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Tue, 29 Jun 2021 03:13:18 GMT server Apache x-frame-options SAMEORIGIN content-type text/html;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 522 expires Thu, 15 Dec 2022 08:31:19 GMT
GET H2	200	data.json Show response card-selector.td.com/rest/	387 KB 387 KB	849ms 849ms	XHR application/json	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/rest/data.json?14&lang=en_ON Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 765bf074d6cda026ecfe9d2fa8e0cd76fab8d0875e991640df6af6edd33da81b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains;, max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains;, max-age=63072000; includeSubdomains; last-modified Wed, 14 Dec 2022 08:31:20 GMT server Apache x-frame-options SAMEORIGIN content-type application/json cache-control max-age=86400, private, must-revalidate, proxy-revalidate, public, max-age=0 content-length 396303
GET H2	200	questions.component.html Show response card-selector.td.com/app/questions/	1 KB 1 KB	211ms 211ms	XHR text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/app/questions/questions.component.html Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash a19b5e7cae9a2d402ea5844a361180a4cbbfa0b47287f227433287ce74b21072 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Thu, 06 Oct 2022 01:30:44 GMT server Apache x-frame-options SAMEORIGIN content-type text/html;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 1341 expires Thu, 15 Dec 2022 08:31:19 GMT
GET H/1.1	200 OK	ibs:dpid=21&dpuuid=216593104365000838527 dpm.demdex.net/ Frame 3968 Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=70278067664376496140301619823413399953 https://dpm.demdex.net/ibs:dpid=21&dpuuid=216593104365000838527	42 B 942 B	57ms 57ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=21&dpuuid=216593104365000838527 Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v045-0333db6ef.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID 5OTesBw/R54= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 14 Dec 2022 08:31:20 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" location https://dpm.demdex.net/ibs:dpid=21&dpuuid=216593104365000838527 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type expires 0
GET H2	200	icons.woff2 card-selector.td.com/assets/fonts/icons/	38 KB 39 KB	37ms 37ms	Font application/font-woff2	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/fonts/icons/icons.woff2?e8rhlo Requested by Host: card-selector.td.com URL: https://card-selector.td.com/assets/css/emerald10.css?v1104 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECD (frb/67BF) / Resource Hash 5c698114dcd26f010894bfab45722caf3906992a4d8cfdf400b0147b40ee9457 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Referer https://card-selector.td.com/assets/css/emerald10.css?v1104 Origin https://card-selector.td.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:20 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Tue, 31 Mar 2020 04:13:25 GMT server ECD (frb/67BF) age 310 x-frame-options SAMEORIGIN x-cache HIT content-type application/font-woff2 cache-control max-age=86400, private, must-revalidate, proxy-revalidate accept-ranges bytes content-length 39308 expires Tue, 07 Apr 2020 16:03:02 GMT
GET H2	200	td-logo.png card-selector.td.com/assets/img/layout/	3 KB 3 KB	190ms 190ms	Image image/png	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://card-selector.td.com/assets/img/layout/td-logo.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash e9682e19c129f7675bf49c78b22a6fb88b0d7fe6442cb6f3e2b555b5e94bb3ca Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/en/restofcanada User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:19 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Tue, 31 Mar 2020 04:13:25 GMT server Apache x-frame-options SAMEORIGIN content-type image/png cache-control max-age=86400, private, must-revalidate, proxy-revalidate accept-ranges bytes content-length 3175 expires Sat, 20 Feb 2021 03:03:36 GMT
GET DATA	200 OK	truncated /	516 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a8730872af93beb4403f33759a469019a84efaa5c45422ee94f322a1c67d3f8b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	392 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7fe8a155aecd2dd9eeca361c641907fe62e77f2a9622aedbcaa08783269b1e45 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	ibs:dpid=269&dpuuid=78b26399-89d8-4e00-a479-139bdaad0741&ddsuuid=70278067664376496140301619823413399953 dpm.demdex.net/ Frame 3968 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=70278067664376496140301619823413399953&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d70278067664376... https://dpm.demdex.net/ibs:dpid=269&dpuuid=78b26399-89d8-4e00-a479-139bdaad0741&ddsuuid=70278067664376496140301619823413399953	42 B 942 B	59ms 59ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=269&dpuuid=78b26399-89d8-4e00-a479-139bdaad0741&ddsuuid=70278067664376496140301619823413399953 Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-0f2a7c28b.edge-irl1.demdex.com 3 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID HUb5t1/tTRg= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Date Wed, 14 Dec 2022 08:31:20 GMT Server MT3 180 1fd3e2d master zrh-pixel-x31 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://dpm.demdex.net/ibs:dpid=269&dpuuid=78b26399-89d8-4e00-a479-139bdaad0741&ddsuuid=70278067664376496140301619823413399953 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Wed, 14 Dec 2022 08:31:19 GMT
GET H/1.1	200 OK	ibs:dpid=358&dpuuid=1091843182379819389 dpm.demdex.net/ Frame 3968 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID https://dpm.demdex.net/ibs:dpid=358&dpuuid=1091843182379819389	42 B 942 B	58ms 58ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=358&dpuuid=1091843182379819389 Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-034f2d6c4.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID BnX+EimxQZY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Pragma no-cache Date Wed, 14 Dec 2022 08:31:20 GMT AN-X-Request-Uuid c7fe7061-c21a-458e-be6a-74fe0cec53df Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://dpm.demdex.net/ibs:dpid=358&dpuuid=1091843182379819389 Connection keep-alive X-Proxy-Origin 80.255.7.104; 80.255.7.104; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	token token.rubiconproject.com/ Frame 3968	0 214 B	186ms 39ms	Image text/plain	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/token?pid=6404&puid=70278067664376496140301619823413399953&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Expires 0 Pragma no-cache Cache-Control no-cache,no-store,must-revalidate X-RPHost 4cdacfaa68e4ab216fffbcc107c5b898 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	ibs:dpid=540&dpuuid=1dbdce38-b1aa-43b6-ae40-e070294427d5 dpm.demdex.net/ Frame 3968 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=70278067664376496140301619823... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=70278067664376496140301... https://dpm.demdex.net/ibs:dpid=540&dpuuid=1dbdce38-b1aa-43b6-ae40-e070294427d5	42 B 942 B	57ms 56ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=540&dpuuid=1dbdce38-b1aa-43b6-ae40-e070294427d5 Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID SqV7BLwGQek= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers date Wed, 14 Dec 2022 08:31:20 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" location https://dpm.demdex.net/ibs:dpid=540&dpuuid=1dbdce38-b1aa-43b6-ae40-e070294427d5 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	204	/ dp2.33across.com/ps/ Frame 3968	0 68 B	500ms 127ms	Image text/plain	67.202.105.22 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://dp2.33across.com/ps/?pid=897&random=1781299871 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.22 Palos Park, United States, ASN32748 (STEADFAST, US), Reverse DNS ip22.67-202-105.static.steadfastdns.net Software 33XP003 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers x-33x-status 208 date Wed, 14 Dec 2022 08:31:20 GMT server 33XP003
GET H/1.1	200 OK	ibs:dpid=771&dpuuid=CAESEAdI6ZEF1lABiYEolc3C_YA&google_cver=1 dpm.demdex.net/ Frame 3968 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzAyNzgwNjc2NjQzNzY0OTYxNDAzMDE2MTk4MjM0MTMzOTk5NTM= https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzAyNzgwNjc2NjQzNzY0OTYxNDAzMDE2MTk4MjM0MTMzOTk5NTM=&google_tc= https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAdI6ZEF1lABiYEolc3C_YA&google_cver=1?gdpr=0&gdpr_consent=	42 B 942 B	57ms 56ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAdI6ZEF1lABiYEolc3C_YA&google_cver=1?gdpr=0&gdpr_consent= Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v045-0a888e68a.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID UCggoiQPQxQ= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 14 Dec 2022 08:31:20 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEAdI6ZEF1lABiYEolc3C_YA&google_cver=1?gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 314 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adsct analytics.twitter.com/i/ Frame 3968	43 B 394 B	255ms 145ms	Image image/gif	104.244.42.67 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?p_user_id=70278067664376496140301619823413399953&p_id=38594 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.67 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers x-response-time 108 date Wed, 14 Dec 2022 08:31:20 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 8c1edba228216e3a cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 8d9328469c18aabc665c5f2aeb7b2017f3156618312dc7850417c357aeb39cfa content-length 43
GET H2	200	types.component.html Show response card-selector.td.com/app/questions/types/	1 KB 1 KB	195ms 194ms	XHR text/html	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/app/questions/types/types.component.html Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 976c2e8357bb46d196306588245402f206e1f0bd98bfca42975f2e6f989c125e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://card-selector.td.com/en/restofcanada accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:20 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Thu, 09 Sep 2021 15:07:05 GMT server Apache x-frame-options SAMEORIGIN content-type text/html;charset=UTF-8 cache-control max-age=86400, private, must-revalidate, proxy-revalidate, max-age=86400 content-length 1112 expires Thu, 15 Dec 2022 08:31:20 GMT
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 3968 Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESEHbvouMnTcrmJNlp2Awu7gU&google_cver=1 https://pixel.everesttech.net/1x1	128 B 796 B	54ms 54ms	Image image/png	52.30.137.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Protocol HTTP/1.1 Server 52.30.137.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-137-13.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Date Wed, 14 Dec 2022 08:31:21 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Wed, 14 Dec 2022 08:31:21 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 3968 Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEH... https://pixel.everesttech.net/1x1	128 B 691 B	54ms 54ms	Image image/png	52.30.137.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Protocol HTTP/1.1 Server 52.30.137.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-137-13.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Date Wed, 14 Dec 2022 08:31:21 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Wed, 14 Dec 2022 08:31:21 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	business-icon.svg card-selector.td.com/assets/img/	389 B 378 B	192ms 192ms	Image image/svg+xml	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://card-selector.td.com/assets/img/business-icon.svg Requested by Host: card-selector.td.com URL: https://card-selector.td.com/assets/css/ccs.css?v1104 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Apache / Resource Hash 4e1c4c07b6198e42f4a8aa1c412ac639cfc42b15cbb24f850f023ec1201b906c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/assets/css/ccs.css?v1104 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:20 GMT content-encoding gzip strict-transport-security max-age=63072000; includeSubdomains; last-modified Wed, 18 Nov 2020 15:58:46 GMT server Apache vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control max-age=86400, private, must-revalidate, proxy-revalidate accept-ranges bytes content-length 284 expires Tue, 08 Dec 2020 14:30:20 GMT
GET H2	200	RCf92bac58ff57411c9adb5d7ab4e922d9-source.min.js Show response assets.adobedtm.com/178dbd5c3653/d12ba3746548/827559ed7424/	390 B 525 B	42ms 42ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/178dbd5c3653/d12ba3746548/827559ed7424/RCf92bac58ff57411c9adb5d7ab4e922d9-source.min.js Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 81838dfed76fc31c887f0f975da35f16f29902f397c48573e1c6f1a7866aed5c Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:21 GMT content-encoding gzip last-modified Mon, 30 May 2022 13:11:41 GMT server AkamaiNetStorage etag "3dbfcff9e62e481f8859934a14ef4b34:1653916301.635948" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://card-selector.td.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 256 expires Wed, 14 Dec 2022 09:31:21 GMT
GET H2	200	icons.woff2 card-selector.td.com/assets/fonts/icons/	38 KB 38 KB	37ms 37ms	Font application/font-woff2	152.199.16.226 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://card-selector.td.com/assets/fonts/icons/icons.woff2?wonkvg Requested by Host: card-selector.td.com URL: https://card-selector.td.com/assets/css/ccs.css?v1104 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.16.226 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECD (frb/67BF) / Resource Hash 5c698114dcd26f010894bfab45722caf3906992a4d8cfdf400b0147b40ee9457 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; X-Frame-Options SAMEORIGIN Request headers Referer https://card-selector.td.com/assets/css/ccs.css?v1104 Origin https://card-selector.td.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:21 GMT strict-transport-security max-age=63072000; includeSubdomains; last-modified Tue, 31 Mar 2020 04:13:25 GMT server ECD (frb/67BF) age 311 x-frame-options SAMEORIGIN x-cache HIT content-type application/font-woff2 cache-control max-age=86400, private, must-revalidate, proxy-revalidate accept-ranges bytes content-length 39308 expires Tue, 07 Apr 2020 16:03:02 GMT
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 3968 Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26... https://pixel.everesttech.net/1x1	128 B 691 B	54ms 54ms	Image image/png	52.30.137.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Protocol HTTP/1.1 Server 52.30.137.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-137-13.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Date Wed, 14 Dec 2022 08:31:21 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Wed, 14 Dec 2022 08:31:21 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	204	delivery tdbankfinancialgroup.tt.omtrdc.net/rest/v1/	0 207 B	62ms 61ms	Ping text/plain	3.248.149.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tdbankfinancialgroup.tt.omtrdc.net/rest/v1/delivery?client=tdbankfinancialgroup&sessionId=10a54c498f7743bdb7d4fc07b336b426&version=2.8.2 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.149.196 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-149-196.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://card-selector.td.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://card-selector.td.com date Wed, 14 Dec 2022 08:31:21 GMT access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-request-id 90b05b41b3b89e086c71b2105294d841
GET H2	200	RC72e977dcc40a4d93a3b170d265030176-source.min.js Show response assets.adobedtm.com/178dbd5c3653/d12ba3746548/827559ed7424/	322 B 472 B	39ms 39ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/178dbd5c3653/d12ba3746548/827559ed7424/RC72e977dcc40a4d93a3b170d265030176-source.min.js Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 407ce5974ccd64d9b4b932c5eeb2856c6123ebf10b1eaaf63cecd4158b12a198 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:21 GMT content-encoding gzip last-modified Mon, 30 May 2022 13:11:41 GMT server AkamaiNetStorage etag "3dbfcff9e62e481f8859934a14ef4b34:1653916301.635948" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://card-selector.td.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 204 expires Wed, 14 Dec 2022 09:31:21 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	110 KB 44 KB	135ms 52ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-5322602&l=dataLayer Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1e29044515ca05667b5195ee886c1e47be0464f539c558c826db9c88319c95a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44134 x-xss-protection 0 last-modified Wed, 14 Dec 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 14 Dec 2022 08:31:21 GMT
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 3968 Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2... https://pixel.everesttech.net/1x1	128 B 691 B	54ms 54ms	Image image/png	52.30.137.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Protocol HTTP/1.1 Server 52.30.137.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-137-13.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Date Wed, 14 Dec 2022 08:31:21 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Wed, 14 Dec 2022 08:31:21 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	s25202857949546 Show response smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.22.4-LCS4/	5 KB 2 KB	445ms 297ms	Script application/x-javascript	2.19.195.227 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://smetrics.td.com/b/ss/tdtdct,tdglobal/10/JS-2.22.4-LCS4/s25202857949546?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=14%2F11%2F2022%208%3A31%3A21%203%200&d.&nsid=0&jsonv=1&.d&sdid=2611D32C4B29C44A-48C760BAC01C2F5B&mid=70540151229416639960309831124219332515&aamlh=6&ce=UTF-8&pageName=%2Fcard-selector.td.com%2Fen%2Frestofcanada&g=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada&cc=USD&ch=ca-en&server=card-selector.td.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=D%3DpageName&v2=D%3Dc1&c4=3%3A30AM&v4=1&c5=Wednesday&v5=1&c6=Weekday&c7=tdct-credit-card-selector&c8=non-retail&c12=not-authenticated&c13=New&v16=D%3Dc2&v17=D%3Dc2&v18=D%3Dc4&v19=D%3Dc5&c20=D%3Ds_vi&v20=D%3Dc6&v24=D%3Dc7&v25=D%3Dc8&v26=D%3Dc9&v27=D%3Dc10&v29=Ontario&c31=non-retail&v32=D%3Dc12&v33=New&v38=D%3Dc14&v39=D%3Ds_vi&v40=D%3Dc15&v61=D%3Dc61&v62=D%3Dc62&v68=D%3Dc21&c70=tdtdct%2Ctdglobal&v71=A1%20%7C%20B0%20%7C%20C0&c74=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada&c75=AppMeasurement%20-%202.22.4&v140=tdct%3Atdct-credit-card-selector%3Anon-retail&v144=tdct%3Acredit%3Acard%3Aselector%3Aprod%3A20220513&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A783776A5245B1E50A490D44%40AdobeOrg&AQE=1 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.195.227 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-195-227.deploy.static.akamaitechnologies.com Software jag / Resource Hash 4cdd801481bd8e024ee344a84d5be4800ea96597f5cc0736f01755cf8e638c95 Security Headers Name Value Strict-Transport-Security max-age=86400 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers x-aam-tid q9Z5aypSTFk= date Wed, 14 Dec 2022 08:31:21 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=86400 p3p CP="This is not a P3P policy" content-length 1680 x-xss-protection 1; mode=block dcs dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 9 ms pragma no-cache last-modified Thu, 15 Dec 2022 08:31:21 GMT server jag etag 3588459524004347904-4619622415386418737 vary Accept-Encoding content-type application/x-javascript;charset=utf-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store expires Wed, 14 Dec 2022 08:31:21 GMT
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 3968 Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb... https://pixel.everesttech.net/1x1	128 B 691 B	54ms 54ms	Image image/png	52.30.137.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Protocol HTTP/1.1 Server 52.30.137.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-137-13.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Date Wed, 14 Dec 2022 08:31:21 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Wed, 14 Dec 2022 08:31:21 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H3	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	158ms 79ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-196335417-1&l=dataLayer&cx=c Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9a2e4ec1eb56c4b9d5cab3e9fd99a468501e7e4fe1ae58b0a83df2b5fe993998 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43621 x-xss-protection 0 last-modified Wed, 14 Dec 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 14 Dec 2022 08:31:21 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	139ms 61ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-196335417-7&l=dataLayer&cx=c Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f0370a1ca11276154f8b963ee40751acbe1ce0560610deea68b8eeb73b67c36e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43588 x-xss-protection 0 last-modified Wed, 14 Dec 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 14 Dec 2022 08:31:21 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	221 KB 76 KB	185ms 107ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-31RJ2TXDZY&l=dataLayer&cx=c Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a4368f31c669ec839134f9403c5921e3fb091b40741d46ef46a581e826ad7248 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78300 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 14 Dec 2022 08:31:21 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	213 KB 75 KB	171ms 94ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-899CC1L385&l=dataLayer&cx=c Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e7e6e79c2d01d871e522ff6c5ce8e64599cdf16d15872d74c9ebab0b6aa8000e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76328 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 14 Dec 2022 08:31:21 GMT
GET H3	200	activityi;dc_pre=COHtr_3Y-PsCFQfPGQodJSQBXQ;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=343410983.1671006681;u1=70540151229416639960309831124219332515;u7=;~oref=ht... Show response 5322602.fls.doubleclick.net/ Frame 0943 Redirect Chain https://5322602.fls.doubleclick.net/activityi;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=343410983.1671006681;u1=70540151229416639960309831124219332515;u7=;~oref=... https://5322602.fls.doubleclick.net/activityi;dc_pre=COHtr_3Y-PsCFQfPGQodJSQBXQ;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=343410983.1671006681;u1=705401512294166...	466 B 307 B	153ms 77ms	Document text/html	142.250.185.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5322602.fls.doubleclick.net/activityi;dc_pre=COHtr_3Y-PsCFQfPGQodJSQBXQ;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=343410983.1671006681;u1=70540151229416639960309831124219332515;u7=;~oref=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-5322602&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f6.1e100.net Software cafe / Resource Hash c8f05b1bc269b78961a9af1222be82a1a759e02016a23889a410632866568899 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://card-selector.td.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding br content-length 284 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 14 Dec 2022 08:31:21 GMT expires Wed, 14 Dec 2022 08:31:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 14 Dec 2022 08:31:21 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://5322602.fls.doubleclick.net/activityi;dc_pre=COHtr_3Y-PsCFQfPGQodJSQBXQ;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=343410983.1671006681;u1=70540151229416639960309831124219332515;u7=;~oref=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	ibs:dpid=1175&&dpuuid=HB-5txIV5LcHFLe3ExituhMVsrsHGOHtTE8qZlhl dpm.demdex.net/ Frame 3968 Redirect Chain https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=HB-5txIV5LcHFLe3ExituhMVsrsHGOHtTE8qZlhl	42 B 942 B	57ms 57ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=HB-5txIV5LcHFLe3ExituhMVsrsHGOHtTE8qZlhl Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID nCNHn/vKRx8= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=HB-5txIV5LcHFLe3ExituhMVsrsHGOHtTE8qZlhl cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H/1.1	200 OK	ibs:dpid=1957&dpuuid=3E47917D3A0B6E1D25E883073BA76F7A dpm.demdex.net/ Frame 3968 Redirect Chain https://c.bing.com/c.gif?uid=70278067664376496140301619823413399953&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3E47917D3A0B6E1D25E883073BA76F7A	42 B 942 B	57ms 57ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3E47917D3A0B6E1D25E883073BA76F7A Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-0dc3ea27c.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID t63tLvXuTC8= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 7513773BBF2E458E8B67FA8CAE0C8B9B Ref B: FRA31EDGE0812 Ref C: 2022-12-14T08:31:21Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3E47917D3A0B6E1D25E883073BA76F7A cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	120ms 37ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 14 Dec 2022 07:15:46 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 4535 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Wed, 14 Dec 2022 09:15:46 GMT
GET H/1.1	200 OK	1x1 pixel.everesttech.net/ Frame 3968 Redirect Chain https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WTVtSjJBQUFBRkFuQ1FObg&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id... https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_... https://pixel.everesttech.net/1x1	128 B 691 B	55ms 54ms	Image image/png	52.30.137.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.everesttech.net/1x1 Protocol HTTP/1.1 Server 52.30.137.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-137-13.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Date Wed, 14 Dec 2022 08:31:21 GMT Last-Modified Mon, 19 Jul 2021 07:56:25 GMT Server Apache ETag "b3b521-80-5c775461d9c40" P3P CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM" Content-Type image/png Cache-Control no-cache, no-cache Connection keep-alive Accept-Ranges bytes Content-Length 128 Redirect headers Location https://pixel.everesttech.net/1x1 Date Wed, 14 Dec 2022 08:31:21 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	204	collect region1.analytics.google.com/g/	0 350 B	165ms 44ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-899CC1L385&gtm=2oebu0&_p=701937081&_gaz=1&cid=96211973.1671006682&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&dl=%2Fcard-selector.td.com%2Fen%2Frestofcanada&dt=hoj%3Anull%3A%3Aen%3Arestofcanada&sid=1671006681&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://card-selector.td.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 350 B	155ms 47ms	Ping text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-899CC1L385&cid=96211973.1671006682&gtm=2oebu0&aip=1 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://card-selector.td.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	137ms 48ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-899CC1L385&cid=96211973.1671006682&gtm=2oebu0&aip=1&z=1069371943 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	141ms 48ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-31RJ2TXDZY&gtm=2oebu0&_p=701937081&_gaz=1&cid=96211973.1671006682&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&dl=%2Fcard-selector.td.com%2Fen%2Frestofcanada&dt=hoj%3Anull%3A%3Aen%3Arestofcanada&sid=1671006681&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://card-selector.td.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 54 B	127ms 48ms	Ping text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-31RJ2TXDZY&cid=96211973.1671006682&gtm=2oebu0&aip=1 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://card-selector.td.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	109ms 49ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-31RJ2TXDZY&cid=96211973.1671006682&gtm=2oebu0&aip=1&z=1813766138 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/ Frame 3968	0 185 B	126ms 41ms	Image text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=753587888034357&ev=Adobe-Audience-Manager-Segment&cd[segID]=1830319&noscript=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Wed, 14 Dec 2022 08:31:21 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	ibs:dpid=22054 dpm.demdex.net/ Frame 3968 Redirect Chain https://a.tribalfusion.com/i.match?p=b13&u=70278067664376496140301619823413399953&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ https://s.tribalfusion.com/z/i.match?p=b13&u=70278067664376496140301619823413399953&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ https://dpm.demdex.net/ibs:dpid=22054	42 B 956 B	56ms 56ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=22054 Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v045-078a58cff.edge-irl1.demdex.com 1 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID HffpL98WQO8= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private X-Error 300 Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 14 Dec 2022 08:31:22 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 261 content-type text/html location https://dpm.demdex.net/ibs:dpid=22054 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 779595335b5a9a23-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	dc_pre=COHtr_3Y-PsCFQfPGQodJSQBXQ;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=*;u1=70540151229416639960309831124219332515;u7=;~oref=https%3A%2F%2Fcard-selector.td.... adservice.google.com/ddm/fls/z/ Frame 0943	42 B 494 B	171ms 74ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=COHtr_3Y-PsCFQfPGQodJSQBXQ;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=*;u1=70540151229416639960309831124219332515;u7=;~oref=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada Requested by Host: 5322602.fls.doubleclick.net URL: https://5322602.fls.doubleclick.net/activityi;dc_pre=COHtr_3Y-PsCFQfPGQodJSQBXQ;src=5322602;type=publi0;cat=tdctpub;ord=1;num=1767301165933;gtm=2odbu0;auiddc=343410983.1671006681;u1=70540151229416639960309831124219332515;u7=;~oref=https%3A%2F%2Fcard-selector.td.com%2Fen%2Frestofcanada? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://5322602.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	121ms 45ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=701937081&t=pageview&_s=1&dl=%2Fcard-selector.td.com%2Fen%2Frestofcanada&ul=en-us&de=UTF-8&dt=hoj%3Anull%3A%3Aen%3Arestofcanada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACgCI~&jid=484032440&gjid=1321682173&cid=96211973.1671006682&uid=&tid=UA-196335417-7&_gid=783525276.1671006682&_r=1&gtm=2oubu0&z=547086201 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://card-selector.td.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://card-selector.td.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	114ms 45ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=701937081&t=pageview&_s=1&dl=%2Fcard-selector.td.com%2Fen%2Frestofcanada&ul=en-us&de=UTF-8&dt=hoj%3Anull%3A%3Aen%3Arestofcanada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACgCI~&jid=1852661399&gjid=1417243302&cid=96211973.1671006682&uid=&tid=UA-196335417-1&_gid=783525276.1671006682&_r=1&gtm=2oubu0&z=593517905 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://card-selector.td.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://card-selector.td.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ibs:dpid=22052&dpuuid=3632157280899170464 dpm.demdex.net/ Frame 3968 Redirect Chain https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3632157280899170464	42 B 942 B	58ms 57ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3632157280899170464 Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID N7HmVnuuQA0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT via 1.1 google server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html; charset=utf-8 location https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3632157280899170464 p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 185 expires 0,Thu, 15 Dec 2022 03:31:21 GMT
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	142ms 48ms	XHR text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-196335417-1&cid=96211973.1671006682&jid=1852661399&gjid=1417243302&_gid=783525276.1671006682&_u=YCDACUABBAAAACgCI~&z=544864309 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://card-selector.td.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 14 Dec 2022 08:31:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://card-selector.td.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	140ms 47ms	XHR text/plain	2a00:1450:400c:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-196335417-7&cid=96211973.1671006682&jid=484032440&gjid=1321682173&_gid=783525276.1671006682&_u=YCDACUAABAAAACgCI~&z=678916085 Requested by Host: nexus.ensighten.com URL: https://nexus.ensighten.com/tdb/global-privacy-prod/Bootstrap.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://card-selector.td.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 14 Dec 2022 08:31:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://card-selector.td.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ibs:dpid=30646 dpm.demdex.net/ Frame 3968 Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=70278067664376496140301619823413399953&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TWbp8CNE2pGsdHIzpqNfxbXsQOsRz9mpHOk-~A	42 B 942 B	71ms 57ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TWbp8CNE2pGsdHIzpqNfxbXsQOsRz9mpHOk-~A Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v045-073c16f88.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID tDEezoJMT2g= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers date Wed, 14 Dec 2022 08:31:22 GMT strict-transport-security max-age=31536000 via http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer) server ATS age 0 content-type text/html;charset=utf-8 location https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TWbp8CNE2pGsdHIzpqNfxbXsQOsRz9mpHOk-~A content-length 0
GET H2	204	1.gif nexus.ensighten.com/privacy/v1/b/	0 268 B	52ms 51ms	Image text/plain	18.66.2.46 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://nexus.ensighten.com/privacy/v1/b/1.gif?n=0&c=822&i=4q4fk7&p=global-privacy-prod&d=N4IgbgpgTgzglgewHYgFwgIwDoAMuQA0IA5gIYAuEA7qQJ5ogBMWAzKyzoSAMYA2cEJOQCSAEzQAORoyIAHAK4AjfjAAWABQqqGxXgkWleAWllQ4YUt1omoCcUThIY5Ukm4QxDACwBHLwDMAawB2LllLQIhyNBwiAFs7CAZBfwQody5uBARAgRg0YABfIkEwOFskOMFo9HUlfm4AAgBhV1JRUi4oCB95CGd81ABtUFF+8kcKRBR0VXJyWRhUAHpl7lIoUSMYCF4IbnI0rHJRLCy45dIYHfIYZYArO7m43gBWNTg4rEeAfi9GLjkWiyJLoGDcMyyaJEZwbGoYABswQwOBwCKRAE4vBjYiBBOJUIjkaj0cEMa8WBiYQh5OlQSA4vIXBNkAB5RQ7KCQKDNAAyXFh5HkgxAenaXQgV2QgyGAF0iB0XJp5tAnGg5UQVDUNSA4ASmDhpEYMIxjV4ACo4CSoFgYQkYrDYnAALRAxVG40mLJmIDmCyWq1Esi+YziYwAHlgkFFlnqfqIAPpleCJ7kAXlejtwADJE-4BLxRMRbPJZGmALLNXMJqDkRSiNOPZDV9OMatpYh6tMAQWCEhYwWCCO7r0YXleACEMABRV44btOgAiXi8AFIvPPRPoIKyoMRq04uzhs7c00SUWjMa8MaEiECQQxw6ooAKXLW0OeSVebyUkATP5eZLXsE1K0hk6AABoABIAEoJuW3YAHLdgA4tOMGvhQwoMIYehUBA9ggN0UpqsM8ogIqpDKpQUCkTqWrquReoMIwhqmiaZqWtatr2lgwGuu6FGekgUzIAwfqLCslzXFEMBYO026iOQXznMsEDhpQh7Sss07qBgyIQMEtrcBiBgsAEGAmXO3AsAioiMAiEAsBA-iiAiGDLN2siyOWkowLSEBVEI8F2PIewJt28iiAIbgQOWbTEIF1RYHEjjfPkd7AvS4KQtCICwu+hJIhepIYgiOBUnif4fsVX5ku5IH5TSdIMIyzLTOynLcnymFCiKYqEcRMDSoxCoUFRFA0XR5EMWRDj6qxRocRgFpWjadoYA65UYgJBAes4XrTOJ8ySas0bhsKWCCPAxBzIIZwIBcJyKMsuj6IYNjmJY1imHYayJMsWIsK8+wsKQ0gosEpCvGMLASAiNleKQSMsNwOCUngvxZH+cDemIOBpl4-avO5GCAllDA5XAUKYYVAGlQiY6-v+tWAWVTNNWB9JtaJSCddA3X8jCzLYegA0SiRMrkZR1GqlLmpwM4o26gtbHGuxq3cRtW1jrt+0TCJ3rHf6UnrJs2y7PshxQMcpyqVcNx3I8azcHJvxgBgKJeOTD5ghC1N5QV8Ks6VwQc-iNXEmzYdeKBLXoDz3r81y0A9cLWH9Qg4pEENI1zRR42y7R8uior2pMarS0a1x628THetCQdhtHbMJ0BmsGxbDsewHEcJwPRcDuyQ8dx6Os1vpT8Htez72X+zT6d0yHmIx8zkclSvjCvHH4EMkyvPJ4LvWi6KWeDX5ec6jLk1y8rs06sx6CLex1drTxm1YPXbp7Y3Bu88bp0O7m27lbPudtHqXG8pA2QA9ZDIGSs8Xgs9HzPlpsHKOodXgYDXkVDBK8sE73pNBOCCFkJoQwunPqOFeB4QIhLYa00xpKhvsXO+ZdlaPwNFXTib9tafywQ3MYTd-6txNqsZ6rhAj5hEm4OAhhiw0hgfMLAj1yCbG4FGGM3RnDLA9ssMY-BuS0B+HwGK5A0wSKQFIyYsj5EllkNmHY1xphiDPDgaGXhuDYgkP4QcXgWD1kUMEUQAQ0bBEUCwWyih-gImzNyeAyA0zMAkFgAEmVfYgCfC+Re6CN5kgkGHHB9NMQFJkJzeOIBiHwSQqhdCx8RS4QQPhc+ktlbXxVKw-O98K4sTVstTWtcP6lMEcJERvo26m07hbHuE9+72ygVQKApBvLQGWKoSUYwbaIOQegLJaD151QxOSFgRTl5kmOYQhgVTSG1IoflEWDSaFNLoTnC+jCC7MI6e87p81encJWjXd+DpjkjOEUbURgCzZd0tr3G2cyIHLNkMsMeFA0jLCqNcUgiVYHwKEFgbZ6T6R7JyQctmFyqoszwec14sdym72uTU8h9TqG0JaQwku7Spolx+SrP5L8eFa14iC7++tDpiQhe3KF0zQFwvAYPBZSyVlQGWKkBANF8XKSQYSlB2T7lwlJaVcktKI64LyUcmllzIKwWqWQuplCT6NOafQy+0tC4sO+ew-OnDn7qwFYM4FNLQV-3BeMsRQDoUzLAQPaByKEDjzRSA2FOLox4oJSAe8RLUEktNYc8k28KUGsxHmy1lTrU3KZfax5rLnXvM5bfLpnqH6V35QC3hQrXivCDWKn0ElJVTMTbMuVMaEDcl4HQZYI7oBjtoMmhBmqdmZKzXqpeVLzX5pNcU6l+bhpcyuWWxldq9VUPQI6l5RE3kcrdV87ljaelPz6a-QVH881dubuK0NkL+0wsHdG7R5B9HjXSsgH4K1sxjqQMQNMggEyskQgu4ly7cm5pJqc1d5IEQloZbau5goHVPKda81p+c62dPore3597-kDKBVgdDr6xm9smcA79Ub5lIt6J6bSHGDrSlnam+d2rdlLqDoW6ljUN1nPNY1HdFSsO3OZSe-DZ7c61qvVythSsvXNt9a2p9Abgj0ZDYx1YUqB2sYRTJW4sY4jEGRXQGk-6ThGD0MQBAWBZAQYXZ8Yg+yc2XgkDgTa67qp+fRAFoLJbHDRigFBc05YhZHrw9Wwj7K2lqfrWRzTTa+U6eo3aViWAguGZbh+vtzHI2yujUPKz3m7O0Ac8sJzLm3MeZ84J3UNnfPFPC0c1DG8AuUmwXS7m+8k4cgFqnBLuHM7Z3PURq+6XSMzXI7yyjLa8uoAK5tHaIrf7doAWViNMrbZVagdx70dwM2XaynJc4cCU3kA1S8eDwm3xIf8xVQLfWvwBZxENmT9L93YYUyAU9bKXVMImtejT5cKNcPW4C-LeA-vFffcZxrogDBWOka4bgcjeAKNLMcR7qj1GaP-X+3RHkDHmGgMY0x1QLGY8kTj2xBP7GOP6AkpAriUQeK8RiHxfiAmY+CaEnA4TIkImiQ5OJ0BudJKwCktJ6aKZgnxBOSU2MuvLwkJ7BEwXKX9f19u5qu8ADK05EKLgnNObszRYM2vk5Wllzzweqc+ephtWW73w9y4jzb2BESdt20I4NJX0fVbkgpRQBFlLRv0hITHohXg2QNywfRJozLBC8AbomywpDBA7RiAiOexzLBgs0MOEAbzBO4F49xXhRAYjBgE-SOB7IG-RoFoc2wzcQBSmlR4C6qYL0Q4WvXiJKoSbwZPhElUAcjfamycbKceRTYeQwcWKWIcfKh17zLsPVt+-6QHxgQf5+o57RM1YVA79YFcwgXQUQsVxAStAaNxAXC2d+F2RczQjAKRpByo2xeA0xKJeQ6BoAR955A43sJ8TR9Jvt-MTRWIS1E4OpV8j4XcxYz4a1L1PcMtlsfc4cfVT821z9Ul9Ir8DspIYAqg1E4BXYTtVIXprgMcTgDgCATg3oDBeBlgURlgAApc3IwZgaQR0IwXkZoc3LwZYGALeRaCQV4MkbEGlBEH4bsAARQnDPGzD-FUD0NkH8D0PWBoQMG4ECDTBgATG4ATDgF4CGAwFlCwC3HUAQGcAsMCBgGzCiD0PMRWlXEYAADFPYgjgjn4girRVwWBuxbQYjuxz8oiWAojjxTh9CUw0xjwmwkAwA9DXDHFooGwHJPZFwWBGBmgvAJxGAMRKivBuwjAiYq9yoJx7dAtmgQjJxsxUoGxggcAaVAssFpAsREQERKQypu9BdbQTR-hNpIkt4MBXhsxSBSAXhDDYl3A0wABVc0YIowCQbMcIRKRCVYiANMcI0zFjSrc4cIwQcIv9BAfwdYESDobMSDXtBI8Ii4r9CrFgx6W4pAe48YR4549oUgbMevbY83RcCEww9YIwQQTnNfNMS434+FOIXwyAIQGAKDLE8gDAZY1YxQNMBEFCDAWgJAAATW4F5DqDgC0PDEpOdFgAAC8ExZBAgfB-BeQUIMRaBywIIJxZBFBGAWSIIYYwAhDRBKStChCWT1AIJhAwx7gcBaA4kMA0xFwYjFwjiIATiqg4lGBNTtTuACSvE0wUjYiOBuxyw4kvBTDXg0wAB1AiaMGADoNUsAR0s0hEZ0iACAQID0iE4IJnA4IwCEAiXGcMn4mVCEiQNMJAZAIwboFwBwiEk0BMtVIwUgJkdZIQJgigAidMlgNMRCagdU30rUlgRcbgNsD2EMqsmsusjAeMxsrxdUjEY06s7gJY2sgmRsmwsoQ0-sk02JMAMcLsms4IQ0x0tsg48cysk0jEQ0hsk0lEQ0zs1kIQDYRACE20TMpAZMl-NMsAcoyc00usyJUs8s081stcrwOJSkScwcuAO0kc7sxYuJdyc89yL8o0tsxmL8u87s8-YMgmE4Tg8gII5oHgvQPguJZEHsDAKI1cYIZoKIicHAFCtCqI5oY8bgHPNMD42Ir4kI1E47dEgEoE5wEEtoV4gix0ryHyPyAKIKKC1iIwKI8Q5gB8j2DcUMqC2IyC8M7oaKcgaM8rGVBIxMw8lM0gE8lae0yChIiMsSlSzuBIszKABI36UQBI5+fojAFgRxM8cqHAcME0VECEpJB8+4M8LAMc0s7MKwyk7MRQKgUyqyxQQwyy48OILIPcLsXsfsQcYcUcccKcWcecJcFcdcTcbcXcfcbQ6cM8GA3KHXWfE0PsZAsLFafo9A0bTArqSbEHbfObVLYjRbD1Eg4-Mgx9WuSgxgPsGgiVKSO-KgB-bIZ-bMkSXgWgCYZg+2Xq-qpgt2DKVXDJUfOA-VULBEPXLvHKua4PXERfVqQqlfYq9fUqvAnfD3ffIghWGq71B9P1HiSgrvFq0rNq+-R-bqtoPqga27BFYax69KNKgODK43A3afELbrYPBffvNa5fPmLAkqnA0+WbFTAg-apbQ6o-Y6qjM-bAb6y69HboTsZAbAe6ka5g26vYT-f6GhK2KeJJE8LsFCfYo5ZoZoDAXkOGJYr-OIJJBACARQeQY8dktMPouYvovXbMBMMgFk0wrsdmT2G8NgbrNsMKKDQ84URxKATy8y3y7MeQFYtMFW0gYkjW-wMAMAjWuIYk48VWpmjWssU2vIjWjyjmnEgk+QLsXMMA74ySpNSikIu4kIh4p4ui8EpSIihAe4aSsKXgT42Iu42Iz20E14zIv6xxA4PQnYSDY8QQNMXUpMAQKgfmnWvQhMQ8bO64bO-01K9rHYP8TXSwMSbNP6ua8TX63XREApEtS3a3W3e3R3ctQ9abV3Ajcq3fEjaq+G7TcgwVc6gpASWUQoIAA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.46 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-46.txl50.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:22 GMT via 1.1 eeeb5087a36839b2299b9c53f96feb8e.cloudfront.net (CloudFront) server nginx x-amz-cf-pop TXL50-P1 x-cache Miss from cloudfront cache-control no-cache, no-store x-amz-cf-id U93gNsdoZzrRxxkPHv2p-72mWOphlz05Yz3U7YlDJ8VN28XcKcPfLA== expires Wed, 14 Dec 2022 08:31:21 GMT
GET H/1.1	200 OK	ibs:dpid=575&dpuuid=8258321633469287016 dpm.demdex.net/ Frame 3968 Redirect Chain https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=70278067664376496140301619823413399953 https://dpm.demdex.net/ibs:dpid=575&dpuuid=8258321633469287016	42 B 942 B	58ms 57ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=575&dpuuid=8258321633469287016 Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v045-0e6039550.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID bL4bsFq0TO4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 14 Dec 2022 08:31:21 GMT via 1.1 google server Apache-Coyote/1.1 anserver gapp-eu-5.c.datonics-gcp-01.internal p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" access-control-allow-origin * location https://dpm.demdex.net/ibs:dpid=575&dpuuid=8258321633469287016 content-type image/gif cache-control no-cache, no-store, must-revalidate alt-svc clear content-length 0 expires Mon, 1 Jan 1990 0:0:0 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	134ms 51ms	Image image/gif	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-196335417-7&cid=96211973.1671006682&jid=484032440&_u=YCDACUAABAAAACgCI~&z=1767267616 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	130ms 52ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-196335417-7&cid=96211973.1671006682&jid=484032440&_u=YCDACUAABAAAACgCI~&z=1767267616 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	131ms 50ms	Image image/gif	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-196335417-1&cid=96211973.1671006682&jid=1852661399&_u=YCDACUABBAAAACgCI~&z=1048193684 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	128ms 52ms	Image image/gif	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-196335417-1&cid=96211973.1671006682&jid=1852661399&_u=YCDACUABBAAAACgCI~&z=1048193684 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://card-selector.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Wed, 14 Dec 2022 08:31:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	noop px.owneriq.net/ Frame 3968 Redirect Chain https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7242930821723160165&uid=Q7242930821723160165&ref=%2Feucm%2Fp%2Fadpq https://px.owneriq.net/noop?ct=image%2Fgif	0 287 B	37ms 37ms	Image image/gif	184.24.11.75 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://px.owneriq.net/noop?ct=image%2Fgif Protocol HTTP/1.1 Server 184.24.11.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-24-11-75.deploy.static.akamaitechnologies.com Software Apache/2.4.6 (CentOS) / PHP/7.3.33 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Date Wed, 14 Dec 2022 08:31:22 GMT Server Apache/2.4.6 (CentOS) Connection keep-alive X-Powered-By PHP/7.3.33 Content-Length 0 Content-Type image/gif Redirect headers Location https://px.owneriq.net/noop?ct=image%2Fgif Date Wed, 14 Dec 2022 08:31:22 GMT Server AkamaiGHost Connection keep-alive Content-Length 0
GET H/1.1	200 OK	ibs:dpid=59982&dpuuid= dpm.demdex.net/ Frame 3968 Redirect Chain https://exchange.adstanding.com/partners/aam/sync.php https://dpm.demdex.net/ibs:dpid=59982&dpuuid=	42 B 960 B	56ms 55ms	Image image/gif	52.209.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=59982&dpuuid= Protocol HTTP/1.1 Server 52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-194-100.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 1 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID w+oPC2FPQjo= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private X-Error 104,300 Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers date Wed, 14 Dec 2022 08:31:22 GMT content-encoding gzip server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 location https://dpm.demdex.net/ibs:dpid=59982&dpuuid= cache-control no-store expires 0
GET H2	204	v1 ads.yahoo.com/cms/ Frame 3968 Redirect Chain https://cm.everesttech.net/cm/yh https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y5mJ2AAAAFAnCQNn&sigv=1&esig=1~7654e8733e140865985efcc49a9b1da67636dc5f	0 194 B	630ms 37ms	Image text/plain	2a00:1288:80:807::1 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y5mJ2AAAAFAnCQNn&sigv=1&esig=1~7654e8733e140865985efcc49a9b1da67636dc5f Protocol H2 Server 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Wed, 14 Dec 2022 08:31:23 GMT strict-transport-security max-age=15552000 cache-control no-store x-content-type-options nosniff server ATS expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block Redirect headers Location https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=Y5mJ2AAAAFAnCQNn&sigv=1&esig=1~7654e8733e140865985efcc49a9b1da67636dc5f Date Wed, 14 Dec 2022 08:31:22 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 3968 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t https://dpm.demdex.net/ibs:dpid=139200&dpuuid=i2FbYOX0QT-5oxmGHY8g8A&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=70278067664376496140301619823413399953	43 B 479 B	123ms 123ms	Image image/gif	52.46.143.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=70278067664376496140301619823413399953 Protocol HTTP/1.1 Server 52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://td.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Pragma no-cache Date Wed, 14 Dec 2022 08:31:23 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid A6109M014ZYQW6TYNC3A Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers DCS dcs-prod-irl1-1-v045-0078884aa.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID P2WySKl5TSQ= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=70278067664376496140301619823413399953 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC