Submitted URL: https://www.atbonline.com/ATB/login.aspx
Effective URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2...
Submission: On February 23 via manual from US — Scanned from CA

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 47 HTTP transactions. The main IP is 107.162.183.6, located in United States and belongs to DEFENSE-NET, US. The main domain is identity.auth.atb.com. The Cisco Umbrella rank of the primary domain is 689407.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 28th 2022. Valid for: a year.
This is the only time identity.auth.atb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
2 2 142.241.241.10 14873 (ATB)
17 34.107.145.12 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.241.48.88 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 151.101.1.35 54113 (FASTLY)
1 3 107.162.183.6 55002 (DEFENSE-NET)
1 104.77.231.184 16625 (AKAMAI-AS)
4 2606:4700:e2:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 34.120.4.36 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
47 15
Apex Domain
Subdomains
Transfer
23 atb.com
personal.atb.com
www.atb.com — Cisco Umbrella Rank: 805641
identity.auth.atb.com — Cisco Umbrella Rank: 689407
verify.auth.atb.com
5 MB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 567
firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 477
5 KB
6 paypal.com
c.paypal.com — Cisco Umbrella Rank: 5801
chd.stats.paypal.com Failed
c6.paypal.com — Cisco Umbrella Rank: 6754
44 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 856
88 KB
2 postescanada-canadapost.ca
ws1.postescanada-canadapost.ca — Cisco Umbrella Rank: 74082
26 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
123 KB
2 atbonline.com
www.atbonline.com
256 B
1 gstatic.com
fonts.gstatic.com
17 KB
1 typography.com
cloud.typography.com — Cisco Umbrella Rank: 5883
296 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
254 B
47 10
Domain Requested by
17 personal.atb.com personal.atb.com
identity.auth.atb.com
5 c.paypal.com personal.atb.com
c.paypal.com
4 use.fontawesome.com identity.auth.atb.com
use.fontawesome.com
3 identity.auth.atb.com 1 redirects personal.atb.com
identity.auth.atb.com
2 firebaseremoteconfig.googleapis.com identity.auth.atb.com
2 firebaseinstallations.googleapis.com identity.auth.atb.com
2 verify.auth.atb.com identity.auth.atb.com
2 fonts.googleapis.com identity.auth.atb.com
client
2 ws1.postescanada-canadapost.ca personal.atb.com
2 www.googletagmanager.com personal.atb.com
identity.auth.atb.com
2 www.atbonline.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 cloud.typography.com identity.auth.atb.com
1 c6.paypal.com
1 www.google-analytics.com www.googletagmanager.com
1 www.atb.com personal.atb.com
0 chd.stats.paypal.com Failed
47 17

This site contains links to these domains. Also see Links.

Domain
www.atb.com
Subject Issuer Validity Valid
personal.atb.com
Entrust Certification Authority - L1K
2022-09-11 -
2023-10-11
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
www.atb.com
Entrust Certification Authority - L1K
2023-01-04 -
2024-01-25
a year crt.sh
ws1.postescanada-canadapost.ca
Entrust Certification Authority - L1K
2022-03-15 -
2023-03-28
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2022-11-10 -
2023-11-10
a year crt.sh
*.auth.atb.com
Entrust Certification Authority - L1K
2022-06-28 -
2023-07-27
a year crt.sh
*.typography.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-03 -
2023-04-03
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh

This page contains 3 frames:

Primary Page: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Frame ID: FA49793B8034EAB9B054CCCFD1FF1A83
Requests: 40 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 27F1E3618F866C83955C0891ECC9E77C
Requests: 5 HTTP requests in this frame

Frame: https://chd.stats.paypal.com/v2/counter2.cgi?p=15ccdfa465584fcb8cd31b7f0801dff4&s=simility_rda
Frame ID: 019FC31F6EAD7E2BE6DDA91A6ABBFBF2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

ATB Personal BankingClear buttonClear buttonShow button

Page URL History Show full URLs

  1. https://www.atbonline.com/ATB/login.aspx HTTP 302
    https://personal.atb.com/ Page URL
  2. https://identity.auth.atb.com/authorize?audience=https%3A%2F%2Fapi.atb.com%2F&client_id=zhAxiOFv6c5fC4niGA... HTTP 302
    https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

47
Requests

94 %
HTTPS

53 %
IPv6

10
Domains

17
Subdomains

15
IPs

2
Countries

5027 kB
Transfer

6128 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.atbonline.com/ATB/login.aspx HTTP 302
    https://personal.atb.com/ Page URL
  2. https://identity.auth.atb.com/authorize?audience=https%3A%2F%2Fapi.atb.com%2F&client_id=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&state=RzJYbFJDTmhyajhELkROVmFyZ291bmNUM1hTYm1wZWxIYUMuT1dnR0JKRQ%3D%3D&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9 HTTP 302
    https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.atbonline.com/ATB/login.aspx HTTP 302
  • https://personal.atb.com/
Request Chain 23
  • https://b.stats.paypal.com/v2/counter.cgi?p=15ccdfa465584fcb8cd31b7f0801dff4&s=simility_rda HTTP 302
  • https://chd.stats.paypal.com/v2/counter2.cgi?p=15ccdfa465584fcb8cd31b7f0801dff4&s=simility_rda
Request Chain 30
  • https://www.atbonline.com/ATB/Themes/558450/5744869DEF9B13858.css HTTP 302
  • https://personal.atb.com/

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
personal.atb.com/
Redirect Chain
  • https://www.atbonline.com/ATB/login.aspx
  • https://personal.atb.com/
3 KB
4 KB
Document
General
Full URL
https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
29228b69f3edb83441246d50804235451b6d6d0616ec3d5e1566bd841f204621
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2705
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
content-type
text/html
date
Thu, 23 Feb 2023 16:41:10 GMT
etag
"63f683a3-a91"
last-modified
Wed, 22 Feb 2023 21:05:39 GMT
server
nginx/1.17.7
strict-transport-security
max-age=15768000; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://personal.atb.com
Server
BigIP
prodEnvConfig.js
personal.atb.com/assets/scripts/
1 KB
1 KB
Script
General
Full URL
https://personal.atb.com/assets/scripts/prodEnvConfig.js
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
68aa6cd546c93e46277f45eaf364f6a078421fd1b7691d609df3a8f88b8593b5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-4de"
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1246
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
216 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-C84DLBZWXT
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a067768cb192524f3da30c3ac2b635e3657b043a11ec1141d6ae3f282407a277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77330
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Feb 2023 16:41:10 GMT
gaInit.js
personal.atb.com/assets/scripts/
245 B
327 B
Script
General
Full URL
https://personal.atb.com/assets/scripts/gaInit.js
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
8c6aed849a1905bcbfd003ec51ad4339ac8e239dc48dff2c8f11168f5abcd36b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-f5"
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
x-xss-protection
1; mode=block
rsa.js
personal.atb.com/assets/scripts/
38 KB
38 KB
Script
General
Full URL
https://personal.atb.com/assets/scripts/rsa.js
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
7f91e443482a6f9c755c7c1fe7b96cd2cc7bbfce2a1e6710cfc2774a31f34be6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-96c8"
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38600
x-xss-protection
1; mode=block
qualtrics.js
personal.atb.com/assets/scripts/
2 KB
2 KB
Script
General
Full URL
https://personal.atb.com/assets/scripts/qualtrics.js
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
9049b6cd2a18d27e2794ef8258ff3ff785ec341b52dcd255d512977036951bc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-847"
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2119
x-xss-protection
1; mode=block
index.css
personal.atb.com/
739 B
828 B
Stylesheet
General
Full URL
https://personal.atb.com/index.css
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
40a7f0dc9ecd558b2da98bb67d3257184530e713474922fde3254cfdcd21751c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-2e3"
x-frame-options
deny
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
739
x-xss-protection
1; mode=block
index.css
www.atb.com/Static/fonts/
8 KB
6 KB
Stylesheet
General
Full URL
https://www.atb.com/Static/fonts/index.css
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
987449e4b4b047f1d50a5d348541f0ad0f5b586dfaeed91af0ccca7d24dee6a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; report-uri https://csp.atbaux.com/csp-error; default-src 'none'; connect-src 'self' https: https://tr.snapchat.com https://www.atb.com/ https://www.facebook.com https://ajax.googleapis.com https://forms.hsforms.com/emailcheck/v1/ https://ct.pinterest.com/md/ https://web-atbva-uat.k8s-prod-na.finn.ai/api/v1/finn-chat/ https://web-atbva-prod.k8s-prod-na.finn.ai/api/v1/finn-chat/ https://web-atbva-uat.k8s-prod-na.finn.ai/ https://web-atbva-prod.k8s-prod-na.finn.ai/ https://msg-atbva-uat.k8s-prod-na.finn.ai/subscriptions/finnChat/ https://msg-atbva-prod.k8s-prod-na.finn.ai/subscriptions/finnChat/ wss://msg-atbva-uat.k8s-prod-na.finn.ai/ wss://msg-atbva-prod.k8s-prod-na.finn.ai/ https://msg-atbva-prod.k8s-prod-na.finn.ai/ https://cdn.siteimprove.net https://superscribe.atbaux.com https://api.genesyscloud.com https://www.google-analytics.com/ https://dc.services.visualstudio.com/v2/track https://siteintercept.qualtrics.com https://atb.postclickmarketing.com https://interactive.atb.com https://vimeo.com https://rates.atbaux.com/ https://tags.srv.stackadapt.com/ https://ct.pinterest.com/user/ https://q.quora.com/ https://stats.g.doubleclick.net https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://bat.bing.com https://analytics.google.com https://eu.srv.stackadapt.com https://www.google.ca/ads/ga-audiences https://www.google.com/pagead/landing https://s.yimg.com https://maps.googleapis.com https://api.hubapi.com; base-uri 'none'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com; form-action https://www.facebook.com https://tr.snapchat.com https://forms.hsforms.com https://tr.snapchat.com/p https://tr.snapchat.com/cm/i https://feedback.atb.com; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://tags.srv.stackadapt.com https://cloud.typography.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/styles/styles.css https://fonts.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://eu.srv.stackadapt.com https://optimize.google.com/optimize/editor/css/css.css; script-src 'self' https: https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.googletagmanager.com/ https://www.google-analytics.com https://tagmanager.google.com https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://maps.googleapis.com/maps/api/js https://adservice.google.com/ https://adservice.google.com/* https://www.google.com/ads/ga-audiences https://js.hs-scripts.com/4764334.js https://js.hsforms.net/forms/v2.js https://forms.hsforms.com/ https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/ https://znbd9nr9vkcjqslin-atbfeedback.siteintercept.qualtrics.com https://dl.episerver.net/13.2.4/epi-util/find.js https://js.hs-analytics.net/analytics/1563383400000/4764334.js https://www.workable.com/api/accounts/377831 https://www.workable.com/assets/embed.js https://extend.vimeocdn.com/ga/10780070.js https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com/WRSiteInterceptEngine/ https://code.jquery.com/jquery-3.4.1.min.js https://sc-static.net/ https://static.ads-twitter.com/uwt.js https://analytics.twitter.com/i/ https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://www.youtube.com/s/player/* https://cdn.jsdelivr.net/npm/vue@2.6.10/dist/vue.runtime.min.js https://snap.licdn.com/li.lms-analytics/insight.min.js https://s.pinimg.com/ct/core.js https://s.pinimg.com/ct/lib/ https://a.quora.com/qevents.js https://tags.srv.stackadapt.com/events.js https://east.srv.stackadapt.com/events.js https://uw.srv.stackadapt.com/events.js https://eu.srv.stackadapt.com/events.js https://platform.twitter.com/oct.js https://static.ads-twitter.com/oct.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/ https://secure.quantserve.com/quant.js https://edge.quantserve.com/quant.js https://js.hs-banner.com https://apply.workable.com https://www.google.com/ads/ga-audiences* https://s.mitaa.io/dtag.min.js https://ionfiles.scribblecdn.net/scripts/ionizer-1.2.min.js http://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/ https://js.hs-banner.com/4764334.js https://bat.bing.com https://clarity.microsoft.com https://9897839.fls.doubleclick.net https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/bundle.js https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/config.js https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js https://siteimproveanalytics.com/js/siteanalyze_77682.js https://siteimproveanalytics.com/ 'sha256-AoNQZpaRmemSTxMy9xcqXX5VLwI6IMPYugO7bFHOW+U=' 'sha256-VazP97ZCwtekAsvgPBSUwPFKdrwD3unUfSGVYrahUqU=' 'sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=' 'sha256-27gTObPp0STAt+fV8fwrG9pRwkVFaEg7ZHzBv6L0yto=' 'sha256-2bKthQiZc2RXXJ2zuNdQgergsosNJNO0j0pY5/AMUKE=' 'sha256-3ZrSyKXyfCBhxmUPydg8a9mgpCxBzKb9p2d6IFRh3+Q=' 'sha256-kiNksdOX+M4g0/nMTqaTImuB/PHpOdvlQF6VaBmvnoE=' 'sha256-fmBnciP22+IeufKiwett0ScrQcvXA2ltLjO5AkOn/eQ=' 'sha256-GxB2ppK+t1dQ/6WHfZRc7UJL/ct7a59qHKzBE/c1SzE=' 'sha256-kN2TxtGds1lhWybMfEoIXWeS4x4Enya8DiiyBAbeyHs=' 'sha256-olgZwKESUKBk5MwFwAYxCIamu4KAcRjk5VqnZxOlat0=' 'sha256-rXnvrupdVgmIsBg96vSU/gV2uQjZSH3AKma5y9FlGaU=' 'nonce-JVUHFuyc3484OguvmdqnSk95QXtXZ0PrYUPMVvYTUC8='; img-src 'self' data: *; frame-src https://www.facebook.com https://tr6.snapchat.com https://www.pinterest.com https://tr.snapchat.com https://verify.auth.atb.com/ https://verify-uat.auth-dev.atb.com/ https://www.googletagmanager.com https://va.atb.com/ https://virtual-assist-prod.atb.com/ https://virtual-assist-uat.atb.com/ https://web-atbva-prod.k8s-prod-na.finn.ai/ https://bank-api-gateway-atbva-prod.k8s-prod-na.finn.ai https://bank-api-gateway-atbva-prod.k8s-prod-na.finn.ai/ https://identity-prod.auth-dev.atb.com/ https://identity.auth.atb.com/ https://web-atbva-uat.k8s-prod-na.finn.ai/ https://bank-api-gateway-atbva-uat.k8s-prod-na.finn.ai https://bank-api-gateway-atbva-uat.k8s-prod-na.finn.ai/ https://identity-uat.auth-dev.atb.com/ https://8389598.fls.doubleclick.net/ https://www.google.com https://stats.g.doubleclick.net/ https://siteintercept.qualtrics.com/ https://feedback.atb.com/ https://www.youtube.com/ https://player.vimeo.com/ https://atb.postclickmarketing.com/ https://interactive.atb.com/ https://forms.hsforms.com/ https://tr.snapchat.com/ https://www.atbonline.com/ https://app.hubspot.com/ https://9897839.fls.doubleclick.net https://bid.g.doubleclick.net/ https://10829704.fls.doubleclick.net/ https://finn-demo-assets.finn.ai/ https://personal.atb.com/ https://www.pinterest.ca/ https://ct.pinterest.com/ https://optimize.google.com/; manifest-src 'self'; child-src 'none'; object-src 'self';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; report-uri https://csp.atbaux.com/csp-error; default-src 'none'; connect-src 'self' https: https://tr.snapchat.com https://www.atb.com/ https://www.facebook.com https://ajax.googleapis.com https://forms.hsforms.com/emailcheck/v1/ https://ct.pinterest.com/md/ https://web-atbva-uat.k8s-prod-na.finn.ai/api/v1/finn-chat/ https://web-atbva-prod.k8s-prod-na.finn.ai/api/v1/finn-chat/ https://web-atbva-uat.k8s-prod-na.finn.ai/ https://web-atbva-prod.k8s-prod-na.finn.ai/ https://msg-atbva-uat.k8s-prod-na.finn.ai/subscriptions/finnChat/ https://msg-atbva-prod.k8s-prod-na.finn.ai/subscriptions/finnChat/ wss://msg-atbva-uat.k8s-prod-na.finn.ai/ wss://msg-atbva-prod.k8s-prod-na.finn.ai/ https://msg-atbva-prod.k8s-prod-na.finn.ai/ https://cdn.siteimprove.net https://superscribe.atbaux.com https://api.genesyscloud.com https://www.google-analytics.com/ https://dc.services.visualstudio.com/v2/track https://siteintercept.qualtrics.com https://atb.postclickmarketing.com https://interactive.atb.com https://vimeo.com https://rates.atbaux.com/ https://tags.srv.stackadapt.com/ https://ct.pinterest.com/user/ https://q.quora.com/ https://stats.g.doubleclick.net https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://bat.bing.com https://analytics.google.com https://eu.srv.stackadapt.com https://www.google.ca/ads/ga-audiences https://www.google.com/pagead/landing https://s.yimg.com https://maps.googleapis.com https://api.hubapi.com; base-uri 'none'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com; form-action https://www.facebook.com https://tr.snapchat.com https://forms.hsforms.com https://tr.snapchat.com/p https://tr.snapchat.com/cm/i https://feedback.atb.com; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://tags.srv.stackadapt.com https://cloud.typography.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/styles/styles.css https://fonts.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://eu.srv.stackadapt.com https://optimize.google.com/optimize/editor/css/css.css; script-src 'self' https: https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.googletagmanager.com/ https://www.google-analytics.com https://tagmanager.google.com https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://maps.googleapis.com/maps/api/js https://adservice.google.com/ https://adservice.google.com/* https://www.google.com/ads/ga-audiences https://js.hs-scripts.com/4764334.js https://js.hsforms.net/forms/v2.js https://forms.hsforms.com/ https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/ https://znbd9nr9vkcjqslin-atbfeedback.siteintercept.qualtrics.com https://dl.episerver.net/13.2.4/epi-util/find.js https://js.hs-analytics.net/analytics/1563383400000/4764334.js https://www.workable.com/api/accounts/377831 https://www.workable.com/assets/embed.js https://extend.vimeocdn.com/ga/10780070.js https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com/WRSiteInterceptEngine/ https://code.jquery.com/jquery-3.4.1.min.js https://sc-static.net/ https://static.ads-twitter.com/uwt.js https://analytics.twitter.com/i/ https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://www.youtube.com/s/player/* https://cdn.jsdelivr.net/npm/vue@2.6.10/dist/vue.runtime.min.js https://snap.licdn.com/li.lms-analytics/insight.min.js https://s.pinimg.com/ct/core.js https://s.pinimg.com/ct/lib/ https://a.quora.com/qevents.js https://tags.srv.stackadapt.com/events.js https://east.srv.stackadapt.com/events.js https://uw.srv.stackadapt.com/events.js https://eu.srv.stackadapt.com/events.js https://platform.twitter.com/oct.js https://static.ads-twitter.com/oct.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/ https://secure.quantserve.com/quant.js https://edge.quantserve.com/quant.js https://js.hs-banner.com https://apply.workable.com https://www.google.com/ads/ga-audiences* https://s.mitaa.io/dtag.min.js https://ionfiles.scribblecdn.net/scripts/ionizer-1.2.min.js http://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/ https://js.hs-banner.com/4764334.js https://bat.bing.com https://clarity.microsoft.com https://9897839.fls.doubleclick.net https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/bundle.js https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/config.js https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js https://siteimproveanalytics.com/js/siteanalyze_77682.js https://siteimproveanalytics.com/ 'sha256-AoNQZpaRmemSTxMy9xcqXX5VLwI6IMPYugO7bFHOW+U=' 'sha256-VazP97ZCwtekAsvgPBSUwPFKdrwD3unUfSGVYrahUqU=' 'sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=' 'sha256-27gTObPp0STAt+fV8fwrG9pRwkVFaEg7ZHzBv6L0yto=' 'sha256-2bKthQiZc2RXXJ2zuNdQgergsosNJNO0j0pY5/AMUKE=' 'sha256-3ZrSyKXyfCBhxmUPydg8a9mgpCxBzKb9p2d6IFRh3+Q=' 'sha256-kiNksdOX+M4g0/nMTqaTImuB/PHpOdvlQF6VaBmvnoE=' 'sha256-fmBnciP22+IeufKiwett0ScrQcvXA2ltLjO5AkOn/eQ=' 'sha256-GxB2ppK+t1dQ/6WHfZRc7UJL/ct7a59qHKzBE/c1SzE=' 'sha256-kN2TxtGds1lhWybMfEoIXWeS4x4Enya8DiiyBAbeyHs=' 'sha256-olgZwKESUKBk5MwFwAYxCIamu4KAcRjk5VqnZxOlat0=' 'sha256-rXnvrupdVgmIsBg96vSU/gV2uQjZSH3AKma5y9FlGaU=' 'nonce-JVUHFuyc3484OguvmdqnSk95QXtXZ0PrYUPMVvYTUC8='; img-src 'self' data: *; frame-src https://www.facebook.com https://tr6.snapchat.com https://www.pinterest.com https://tr.snapchat.com https://verify.auth.atb.com/ https://verify-uat.auth-dev.atb.com/ https://www.googletagmanager.com https://va.atb.com/ https://virtual-assist-prod.atb.com/ https://virtual-assist-uat.atb.com/ https://web-atbva-prod.k8s-prod-na.finn.ai/ https://bank-api-gateway-atbva-prod.k8s-prod-na.finn.ai https://bank-api-gateway-atbva-prod.k8s-prod-na.finn.ai/ https://identity-prod.auth-dev.atb.com/ https://identity.auth.atb.com/ https://web-atbva-uat.k8s-prod-na.finn.ai/ https://bank-api-gateway-atbva-uat.k8s-prod-na.finn.ai https://bank-api-gateway-atbva-uat.k8s-prod-na.finn.ai/ https://identity-uat.auth-dev.atb.com/ https://8389598.fls.doubleclick.net/ https://www.google.com https://stats.g.doubleclick.net/ https://siteintercept.qualtrics.com/ https://feedback.atb.com/ https://www.youtube.com/ https://player.vimeo.com/ https://atb.postclickmarketing.com/ https://interactive.atb.com/ https://forms.hsforms.com/ https://tr.snapchat.com/ https://www.atbonline.com/ https://app.hubspot.com/ https://9897839.fls.doubleclick.net https://bid.g.doubleclick.net/ https://10829704.fls.doubleclick.net/ https://finn-demo-assets.finn.ai/ https://personal.atb.com/ https://www.pinterest.ca/ https://ct.pinterest.com/ https://optimize.google.com/; manifest-src 'self'; child-src 'none'; object-src 'self';
cf-cache-status
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
54859
x-powered-by
ASP.NET
content-length
944
x-xss-protection
1; mode=block
request-context
appId=cid-v1:4bfe3162-8ed7-4ce8-a697-b34850a88b82
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 01 Sep 2022 13:50:48 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://atbtest.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-expose-headers
Request-Context
cache-control
public,max-age=86400
accept-ranges
bytes
cf-ray
79e168502fb27156-YUL
Inter-Regular.ttf
personal.atb.com/assets/fonts/Inter/
303 KB
303 KB
Font
General
Full URL
https://personal.atb.com/assets/fonts/Inter/Inter-Regular.ttf
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
4544b79fc104238a747fb310c5594c5b38ea8104804af558455859e545dfc0f0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://personal.atb.com/
Origin
https://personal.atb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-4ba44"
x-frame-options
deny
content-type
text/plain
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309828
x-xss-protection
1; mode=block
Inter-Bold.ttf
personal.atb.com/assets/fonts/Inter/
309 KB
309 KB
Font
General
Full URL
https://personal.atb.com/assets/fonts/Inter/Inter-Bold.ttf
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
19b7b6b4a1f19296356055c7c9acece85d63d319de9e3223665e3b9020da409a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://personal.atb.com/
Origin
https://personal.atb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-4d2c4"
x-frame-options
deny
content-type
text/plain
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316100
x-xss-protection
1; mode=block
Inter-SemiBold.ttf
personal.atb.com/assets/fonts/Inter/
308 KB
309 KB
Font
General
Full URL
https://personal.atb.com/assets/fonts/Inter/Inter-SemiBold.ttf
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
fa156299bcc1f13b5d85bb78ea6e3917530b22b8d40a307e7a983d9a27ebdcbc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://personal.atb.com/
Origin
https://personal.atb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-4d16c"
x-frame-options
deny
content-type
text/plain
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315756
x-xss-protection
1; mode=block
ATB-TT-Norms-Bold.ttf
personal.atb.com/assets/fonts/ATB_TT_Norms/
225 KB
226 KB
Font
General
Full URL
https://personal.atb.com/assets/fonts/ATB_TT_Norms/ATB-TT-Norms-Bold.ttf
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
0df671c5249fa77d6202f7bb173a06ef7573959d5cd69396bc399019fc5dcf26
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://personal.atb.com/
Origin
https://personal.atb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-38554"
x-frame-options
deny
content-type
text/plain
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
230740
x-xss-protection
1; mode=block
ATB-TT-Norms-ExtraBold.ttf
personal.atb.com/assets/fonts/ATB_TT_Norms/
225 KB
225 KB
Font
General
Full URL
https://personal.atb.com/assets/fonts/ATB_TT_Norms/ATB-TT-Norms-ExtraBold.ttf
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
547e3cfbdee8551197e28eb07766feaab2fe9f3e072046e5377a73e4c016ec6c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://personal.atb.com/
Origin
https://personal.atb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:01:52 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f666a0-382f4"
x-frame-options
deny
content-type
text/plain
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
230132
x-xss-protection
1; mode=block
addresscomplete-2.30.min.css
ws1.postescanada-canadapost.ca/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://ws1.postescanada-canadapost.ca/css/addresscomplete-2.30.min.css?key=JE31-YZ72-KW38-PG11
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
88.48.241.35.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
08d86b34d73b04ed344e79fd98e1e0986bb56cc93c9b9e6bb4ad0d816e1642a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.2
content-type
text/css;charset=UTF-8
cache-control
public
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2046
addresscomplete-2.30.min.js
ws1.postescanada-canadapost.ca/js/
86 KB
24 KB
Script
General
Full URL
https://ws1.postescanada-canadapost.ca/js/addresscomplete-2.30.min.js?key=JE31-YZ72-KW38-PG11
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
88.48.241.35.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
d8f7044bbb960a0c00051ce0f1af4a2ac9b9e2cd7a95b5acf9838095efcb9405

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.20.2
content-type
text/javascript;charset=UTF-8
cache-control
public
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24291
7.9cc3d630.chunk.css
personal.atb.com/static/css/
515 KB
516 KB
Stylesheet
General
Full URL
https://personal.atb.com/static/css/7.9cc3d630.chunk.css
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
15433806537e760d7d1052f0edf32c663b79b38b82494ad2bb7b50fb3288c614
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:04:40 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f66748-80b63"
x-frame-options
deny
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
527203
x-xss-protection
1; mode=block
main.7f1cfc6e.chunk.css
personal.atb.com/static/css/
213 KB
213 KB
Stylesheet
General
Full URL
https://personal.atb.com/static/css/main.7f1cfc6e.chunk.css
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
0b93f0dad200239dfc7239c498134c2ef3559eef74bda771465f65f905b65bcf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:04:40 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f66748-353c9"
x-frame-options
deny
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
218057
x-xss-protection
1; mode=block
runtime~main.a4c40e53.js
personal.atb.com/static/js/
4 KB
4 KB
Script
General
Full URL
https://personal.atb.com/static/js/runtime~main.a4c40e53.js
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
16b78d57fa707e95968841f5d34626458795bf6378ef550801cb6b834ec768a4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:04:40 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f66748-f58"
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3928
x-xss-protection
1; mode=block
7.1fae3215.chunk.js
personal.atb.com/static/js/
2 MB
2 MB
Script
General
Full URL
https://personal.atb.com/static/js/7.1fae3215.chunk.js
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:04:40 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f66748-18c565"
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1623397
x-xss-protection
1; mode=block
main.1d8ab2a6.chunk.js
personal.atb.com/static/js/
312 KB
312 KB
Script
General
Full URL
https://personal.atb.com/static/js/main.1d8ab2a6.chunk.js
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
1f000d02d5b2297fdd2b898c0af1def7898b9bc9c1ba3a71db7717c8e681b3c7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:10 GMT
content-security-policy
default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubDomains; preload
last-modified
Wed, 22 Feb 2023 19:04:40 GMT
server
nginx/1.17.7
via
1.1 google
etag
"63f66748-4dfff"
x-frame-options
deny
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
319487
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-C84DLBZWXT&gtm=45je32f0&_p=579650639&cid=1945740205.1677170470&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677170470&sct=1&seg=0&dl=https%3A%2F%2Fpersonal.atb.com%2F&dt=&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C84DLBZWXT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 16:41:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://personal.atb.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fb.js
c.paypal.com/da/r/
59 KB
21 KB
Script
General
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/static/js/main.1d8ab2a6.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://personal.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
17, 1, 637142
date
Thu, 23 Feb 2023 16:41:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1969997
x-cache
HIT, HIT, HIT
paypal-debug-id
8d02b3197927f
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
20545
x-served-by
cache-sjc10074-SJC, cache-yul12830-YUL, cache-yul12833-YUL
last-modified
Tue, 31 Jan 2023 20:30:46 GMT
traceparent
00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer
S1677170471.974174,VS0,VE1
etag
W/"63d97a76-ecbf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Feb 2023 16:41:10 GMT
Primary Request login
identity.auth.atb.com/
Redirect Chain
  • https://identity.auth.atb.com/authorize?audience=https%3A%2F%2Fapi.atb.com%2F&client_id=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&pla...
  • https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHR...
933 KB
325 KB
Document
General
Full URL
https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Requested by
Host: personal.atb.com
URL: https://personal.atb.com/static/js/7.1fae3215.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.183.6 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
94b487bf7acaaff6f7fb2796f4b6516c40b41d4cb325559b049859daba612b34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://personal.atb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-store, max-age=0, no-transform
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Feb 2023 16:41:11 GMT
ETag
W/"e9237-+jejeJvdx+0css09su9zJJBxG90"
Pragma
no-cache
Referrer-Policy
same-origin
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 dca1-bit11044
X-Auth0-RequestId
fb60338bacc1bebfbe40
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, max-age=0, no-transform
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Feb 2023 16:41:11 GMT
Location
/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains
Transfer-Encoding
chunked
Vary
Accept, Accept-Encoding
Via
1.1 dca1-bit11044
X-Auth0-RequestId
c327945b38011f766a90
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
i
c.paypal.com/v1/r/d/ Frame 27F1
160 B
1 KB
Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://personal.atb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
accept-ranges
none
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
2ea43cdf378a3
date
Thu, 23 Feb 2023 16:41:11 GMT
origin-trial
A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id
2ea43cdf378a3
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-00000000000000000002ea43cdf378a3-e92ca8b672daac9b-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-served-by
cache-lax10646-LGB, cache-yul12833-YUL
x-timer
S1677170471.011182,VS0,VE114
x-xss-protection
1; mode=block
counter2.cgi
chd.stats.paypal.com/v2/ Frame 019F
Redirect Chain
  • https://b.stats.paypal.com/v2/counter.cgi?p=15ccdfa465584fcb8cd31b7f0801dff4&s=simility_rda
  • https://chd.stats.paypal.com/v2/counter2.cgi?p=15ccdfa465584fcb8cd31b7f0801dff4&s=simility_rda
0
0

fb.js
c.paypal.com/da/r/ Frame 27F1
59 KB
21 KB
Script
General
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
17, 1, 637144
date
Thu, 23 Feb 2023 16:41:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1969997
x-cache
HIT, HIT, HIT
paypal-debug-id
8d02b3197927f
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
20545
x-served-by
cache-sjc10074-SJC, cache-yul12830-YUL, cache-yul12833-YUL
last-modified
Tue, 31 Jan 2023 20:30:46 GMT
traceparent
00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer
S1677170471.186260,VS0,VE1
etag
W/"63d97a76-ecbf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Feb 2023 16:41:11 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 27F1
125 B
811 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 16:41:11 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
5946651aa4635
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
125
x-served-by
cache-sna10740-LGB, cache-yul12833-YUL
correlation-id
5946651aa4635
traceparent
00-00000000000000000005946651aa4635-7b0cc9739604dbf3-01
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
e
c.paypal.com/v1/r/d/b/ Frame 27F1
0
270 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-lax10664-LGB, cache-yul12833-YUL
date
Thu, 23 Feb 2023 16:41:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
c8073e4635b18
via
1.1 varnish, 1.1 varnish
traceparent
00-0000000000000000000c8073e4635b18-19584119786e3c7f-01
x-cache
MISS, MISS
paypal-debug-id
c8073e4635b18
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
p3
c6.paypal.com/v1/r/d/b/ Frame 27F1
0
156 B
Image
General
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=15ccdfa465584fcb8cd31b7f0801dff4&s=simility_rda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by
cache-lax10680-LGB, cache-yul12833-YUL
date
Thu, 23 Feb 2023 16:41:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
1c147f2f0f94a
via
1.1 varnish, 1.1 varnish
traceparent
00-00000000000000000001c147f2f0f94a-e4390e16246ad0f0-01
x-timer
S1677170471.273670,VS0,VE127
x-cache
MISS, MISS
paypal-debug-id
1c147f2f0f94a
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-cache-hits
0, 0
collect
www.google-analytics.com/g/
0
0

ATB_fqeu89sv8ba3.js
identity.auth.atb.com/ATB/Bundles/js/
235 KB
132 KB
Script
General
Full URL
https://identity.auth.atb.com/ATB/Bundles/js/ATB_fqeu89sv8ba3.js
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.162.183.6 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
d8e7b7c357835146572720b252f15cfea0e17ff37e75d499ed656871bbc23d0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 16:41:11 GMT
Content-Encoding
gzip
Via
1.1 google, 1.1 dca1-bit11044
Content-Type
application/javascript; charset=UTF-8
X-Ion-Hop
1
Cache-Control
no-cache, no-store, must-revalidate
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Expires
0
/
personal.atb.com/
Redirect Chain
  • https://www.atbonline.com/ATB/Themes/558450/5744869DEF9B13858.css
  • https://personal.atb.com/
0
0
Stylesheet
General
Full URL
https://personal.atb.com/
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H3
Server
34.107.145.12 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
12.145.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

Location
https://personal.atb.com
Server
BigIP
Connection
Keep-Alive
Content-Length
0
fonts.css
cloud.typography.com/6700732/6101192/css/
17 B
296 B
Stylesheet
General
Full URL
https://cloud.typography.com/6700732/6101192/css/fonts.css
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.77.231.184 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-231-184.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 23 Feb 2023 16:41:11 GMT
Server
AkamaiNetStorage
ETag
"f130fd70bd4cfa88cacd6d9b4c8c0f19:1645578808.921578"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=47
Connection
keep-alive
Content-Length
17
f26ba7188d.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/f26ba7188d.js
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e7f8ca7ea72a8b13e8fe72b191a9da937ccbedf604c43c14c5eea999414cb0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BYERH8KZNNS09R10
age
3660
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
C8YEu3YD1XavN7ydXxM9klCXZFknZLeKIbVoT//IX9BnIX/A4XvzIrpIVd7gGGoeoYWP7+CH6kY=
last-modified
Thu, 01 Jul 2021 20:17:15 GMT
server
cloudflare
etag
W/"efefb6fa0b93a5a4d8a40cd312d55868"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjkSLJd38YIC5MHd9w4si7%2BjYD85C5pOpI8K0f6qiByTdT5sY%2BFQqgOtwAHQXL00nxeq34TcmZt50lBcDJqF%2BWtix7IKetoP1MLOMED6w2oHMXhu1SAWtLHAL%2FyMdXgmCOkPhLiY47TtyG9iFAs25ZyV"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
79e1685748faefe9-EWR
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Feb 2023 16:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 15:28:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Feb 2023 16:41:11 GMT
f26ba7188d.css
use.fontawesome.com/
1 KB
768 B
Stylesheet
General
Full URL
https://use.fontawesome.com/f26ba7188d.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/f26ba7188d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005e80bfd14ddccc33b7df27c931b1f0e1bd7314ccfbb979681a0cd014293d58

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BYYV8A5788CFY3Z9
age
1693
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
neeugwEA7TgM3Szz19FVjvN0WLFd1dHkralSMLYz2ZDcpYcyALZZ5XoYBD9yHEvaY3O/Q89A1hA=
last-modified
Thu, 01 Jul 2021 20:17:15 GMT
server
cloudflare
etag
W/"bc125437cc478cc348a54b7c8fd22c7b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CALSIluGbbfuRasr4hOx8ZS%2Ft8O8LLzY0Li%2BkLVaBOgEkBSOoPib2FRFvbCar7k7jqhrmq9EvapftDiY4fDpTmwOwR1RZDBP%2B1ZtMat45ENaI0pSZZLA0U%2F1%2FQeehDt%2FxKABx7ctCZ3MW1J4pOUYFSsu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
79e168595ba3efe9-EWR
gtm.js
www.googletagmanager.com/
123 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGVVNNM
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
823718c0c567dce1a5cc7ddab23d8218ef8eaab5cd7e0fd139e74e6b2c416457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47641
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 16:05:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Feb 2023 16:41:11 GMT
css2
fonts.googleapis.com/
2 KB
678 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0370a4223069208a01c9a4c3f1ba1da1954f4bbad2ab3ec4467d29f7ff77a7b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Feb 2023 16:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 15:11:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Feb 2023 16:41:12 GMT
atb-jewel-new.svg
verify.auth.atb.com/images/RebankWeb/
8 KB
8 KB
Image
General
Full URL
https://verify.auth.atb.com/images/RebankWeb/atb-jewel-new.svg
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.4.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.4.120.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
20b28a52ddc5d86f4e2fd74734e7d0c28cfaf5bbe42112268b902aeb95928abe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:12 GMT
via
1.1 google
last-modified
Fri, 13 Jan 2023 17:41:51 GMT
server
nginx/1.17.7
etag
"63c197df-1e21"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7713
login-page-sketch.svg
verify.auth.atb.com/images/RebankWeb/
200 KB
201 KB
Image
General
Full URL
https://verify.auth.atb.com/images/RebankWeb/login-page-sketch.svg
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/login?state=hKFo2SBKaE5ZemdYVzZlakg2TDhMbjlJblNUT0pZSzFXSWdUMqFupWxvZ2luo3RpZNkgOXVWTkVEZVlaS2g2R2c2VGw4NmMyV0NEbXpZV0FnN02jY2lk2SB6aEF4aU9GdjZjNWZDNG5pR0FIN3BMRkVncHRldjByQQ&client=zhAxiOFv6c5fC4niGAH7pLFEgptev0rA&protocol=oauth2&audience=https%3A%2F%2Fapi.atb.com%2F&redirect_uri=https%3A%2F%2Fpersonal.atb.com&realm=RetailPing&pmData=null&platformVersion=c2a69efd&session=15ccdfa465584fcb8cd31b7f0801dff4&scope=openid%20profile%20email&response_type=code&response_mode=query&nonce=Y1JjQTJYVFZVS1F0b0VnTUNSeGdwb2JILlBsbDFSN0lqSEZjTEZRWGN3RQ%3D%3D&code_challenge=s4tbWG4m9k90JqIydCDQlI96DfQ1BGehz6aupjSbBjY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMTUuMCJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.4.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.4.120.34.bc.googleusercontent.com
Software
nginx/1.17.7 /
Resource Hash
49b1f22cef3e4872343184e18aadba0a716668d5a6a39250347f1d509fe5c69b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://identity.auth.atb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:12 GMT
via
1.1 google
last-modified
Fri, 13 Jan 2023 17:41:51 GMT
server
nginx/1.17.7
etag
"63c197df-32095"
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204949
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/f26ba7188d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://use.fontawesome.com/f26ba7188d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
E70EHGRXBAP538GB
age
2399662
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
pDZo6txnALtYX4/VAQdR8fcarFmPRr9NvSZgwB/4HDEjp/DEZL0zR2WlRycXeNlgBfZYs69cBSZDoy0TucsiiA==
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxJOxOepmTSmPb%2FQXxDFgr2fDlY91vwxVXE1NYMgS5DL2kZ4%2Fzkx8XzGN3XuUBGRXKrV7Lt9ArvJdDftaKlntt0EuvP2lJKpD2b2gPf3uql3cNV5veyni4dZJksc%2F71njtF8lLN685sKL00VVs04UJRx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
79e1685aa95a8cee-EWR
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v12/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://identity.auth.atb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 10:59:04 GMT
x-content-type-options
nosniff
age
538928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:02:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Feb 2024 10:59:04 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/f26ba7188d.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/f26ba7188d.css
Origin
https://identity.auth.atb.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:41:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
DSWDKNDKEHMF9HQB
age
1261841
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-amz-id-2
PBhhUjVEhgbVx5PdonIBfzYFy5kWH9kBqkUm89t0mne7U3IJcpLl0b5M0HoQh3LbI0QTtwaExSo=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4lrVwNee92KiSCB01USXERNlBzeC%2Fy%2Fwueaw4Ic9%2BYhudo3UK1nhCMGeh93gtRO029k8sfukVzlBNpU4TZd9L%2Fb2dxWTiGQXuFDx7UwJx3OUlL6pyCr%2Bcdw10MbgbQZCnQgkCAFSioTrdE70NqZAhOM"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
79e1685bc823c463-EWR
installations
firebaseinstallations.googleapis.com/v1/projects/pd-rebank-firebase/
625 B
679 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/pd-rebank-firebase/installations
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/ATB/Bundles/js/ATB_fqeu89sv8ba3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6f674ac279c94d2217c8bf78bb84fbd0dea83372cb1624f433d6d38dc7f2124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
x-goog-api-key
AIzaSyDrj-ZVUQ4gNkzfszZ7V6eAq4UJS8ir9I0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type
application/json

Response headers

date
Thu, 23 Feb 2023 16:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://identity.auth.atb.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/pd-rebank-firebase/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/pd-rebank-firebase/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://identity.auth.atb.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://identity.auth.atb.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 23 Feb 2023 16:41:12 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
truncated
/
89 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/pd-rebank-firebase/namespaces/
5 KB
2 KB
Fetch
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/pd-rebank-firebase/namespaces/firebase:fetch?key=AIzaSyDrj-ZVUQ4gNkzfszZ7V6eAq4UJS8ir9I0
Requested by
Host: identity.auth.atb.com
URL: https://identity.auth.atb.com/ATB/Bundles/js/ATB_fqeu89sv8ba3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9c093de305696698c6cec53b4308cbe7e18618628c3b34c53843fd0970b29ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Content-Encoding
gzip
Referer
If-None-Match
*
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 16:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
etag
etag-pd-rebank-firebase-firebase-fetch-1034153723
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://identity.auth.atb.com
access-control-expose-headers
etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2305
x-xss-protection
0
firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/pd-rebank-firebase/namespaces/ Frame
0
0
Preflight
General
Full URL
https://firebaseremoteconfig.googleapis.com/v1/projects/pd-rebank-firebase/namespaces/firebase:fetch?key=AIzaSyDrj-ZVUQ4gNkzfszZ7V6eAq4UJS8ir9I0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://identity.auth.atb.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers
content-encoding,content-type,if-none-match
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://identity.auth.atb.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 23 Feb 2023 16:41:12 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
chd.stats.paypal.com
URL
https://chd.stats.paypal.com/v2/counter2.cgi?p=15ccdfa465584fcb8cd31b7f0801dff4&s=simility_rda
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-C84DLBZWXT&gtm=45je32f0&_p=579650639&cid=1945740205.1677170470&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1677170470&sct=1&seg=0&dl=https%3A%2F%2Fpersonal.atb.com%2F&dt=ATB%20Personal%20Banking&en=user_engagement&_et=1067

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| FontAwesomeCdnConfig string| cssUrl object| dataLayer function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| genRandomNumber function| getRandomPort function| BlackberryLocationCollector function| detectFields function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector function| RSAUIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath function| convertTimestampToGMT function| getTimestampInMillis function| debug object| ProxyCollector string| SEP string| PAIR string| DEV string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus object| TimestampCollector object| UIEventCollector object| BrowserDetect function| forceIE89Synchronicity object| plugin string| t string| __RSA_DEVICE__ string| __RSA_GEO__ function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| google_tag_manager

13 Cookies

Domain/Path Name / Value
identity.auth.atb.com/usernamepassword/login Name: _csrf
Value: PLll13O3OzpVEqbhwdqEmYQZ
.atb.com/ Name: _ga
Value: GA1.1.1945740205.1677170470
identity.auth.atb.com/ Name: did
Value: s%3Av0%3Ae12d0ba0-b398-11ed-97d6-0ba4afcfc98e.OxY5Asp3YUWLBmYgyNek%2Fx53NQfVPoHkSQ29SIji2iI
identity.auth.atb.com/ Name: auth0
Value: s%3AAtYoPHhbRBMxBg4wDkV6LxN3H-aGYNAj.jXJ5iITxlgZyozy5pRvvcuVDaeLdAJhjn9Dgld2ciQU
identity.auth.atb.com/ Name: did_compat
Value: s%3Av0%3Ae12d0ba0-b398-11ed-97d6-0ba4afcfc98e.OxY5Asp3YUWLBmYgyNek%2Fx53NQfVPoHkSQ29SIji2iI
identity.auth.atb.com/ Name: auth0_compat
Value: s%3AAtYoPHhbRBMxBg4wDkV6LxN3H-aGYNAj.jXJ5iITxlgZyozy5pRvvcuVDaeLdAJhjn9Dgld2ciQU
.c.paypal.com/ Name: sc_f
Value: mOQNtjjBpJhMH80ebIhb1Xr3fLuDAnE2fnERc3q0Thppxx-YsADJP86SDIgrFD1dUELK7oKnZx6Uo9UudmVMzzi2la1lTojyxhUH_m
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: nWWym9rQ-sBri_1sftZVVWDFrwGGdF0Ecy0aNjfEr6foy2SsbN0xPtnm2y_VXyJWOScaDZxMdmcSjdnr
.paypal.com/ Name: l7_az
Value: dcg13.slc
.atb.com/ Name: _ga_C84DLBZWXT
Value: GS1.1.1677170470.1.0.1677170471.0.0.0
.atb.com/ Name: WQqMQak1
Value: A7xyJn-GAQAA6VMcd7Akrfmlw6bBER9qaTWSObR8kX8xmyhZFQ1U5OXaHn4lAZU4mbSucuFZwH8AAEB3AAAAAA|1|0|123fbc45038cc479bdcda189867407bf7ec59d48
.atb.com/ Name: mp_e2b510632040fe085eb8391e85fd8c30_mixpanel
Value: %7B%22distinct_id%22%3A%20%221867f266fdcfa-03cb237d72a0ad-6f385457-1d4c00-1867f266fdd91a%22%2C%22%24device_id%22%3A%20%221867f266fdcfa-03cb237d72a0ad-6f385457-1d4c00-1867f266fdd91a%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fpersonal.atb.com%2F%22%2C%22%24initial_referring_domain%22%3A%20%22personal.atb.com%22%7D
.atb.com/ Name: authOrigin
Value:

2 Console Messages

Source Level URL
Text
rendering warning URL: https://identity.auth.atb.com/ATB/Bundles/js/ATB_fqeu89sv8ba3.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://identity.auth.atb.com/ATB/Bundles/js/ATB_fqeu89sv8ba3.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self' https://*.atb.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com https://*.stats.paypal.com data:; frame-src https://*.moneydesktop.com https://*.atb.com https://*.qualtrics.com https://*.atbonline.com https://c.paypal.com; script-src 'self' https://www.googletagmanager.com https://*.qualtrics.com https://*.postescanada-canadapost.ca https://c.paypal.com; style-src https://*.atb.com https://www.atbonline.com https://*.postescanada-canadapost.ca 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' https://api.avo.app https://*.mixpanel.com https://*.atb.com https://*.qualtrics.com https://*.google-analytics.com https://*.googleapis.com https://*.postescanada-canadapost.ca; font-src https://*.atb.com 'self' https://fonts.gstatic.com https://*.postescanada-canadapost.ca data:; object-src 'none'; frame-ancestors https://*.atbprosper.com https://*.finn.ai https://*.atbcloud.net https://*.atb.com
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.paypal.com
c6.paypal.com
chd.stats.paypal.com
cloud.typography.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
identity.auth.atb.com
personal.atb.com
use.fontawesome.com
verify.auth.atb.com
ws1.postescanada-canadapost.ca
www.atb.com
www.atbonline.com
www.google-analytics.com
www.googletagmanager.com
chd.stats.paypal.com
www.google-analytics.com
104.77.231.184
107.162.183.6
142.241.241.10
151.101.1.35
2606:4700::6810:f677
2606:4700:e2::ac40:850f
2607:f8b0:4006:809::200a
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2008
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::200a
34.107.145.12
34.120.4.36
35.241.48.88
005e80bfd14ddccc33b7df27c931b1f0e1bd7314ccfbb979681a0cd014293d58
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
0370a4223069208a01c9a4c3f1ba1da1954f4bbad2ab3ec4467d29f7ff77a7b0
08d86b34d73b04ed344e79fd98e1e0986bb56cc93c9b9e6bb4ad0d816e1642a8
0b93f0dad200239dfc7239c498134c2ef3559eef74bda771465f65f905b65bcf
0df671c5249fa77d6202f7bb173a06ef7573959d5cd69396bc399019fc5dcf26
12e7f8ca7ea72a8b13e8fe72b191a9da937ccbedf604c43c14c5eea999414cb0
15433806537e760d7d1052f0edf32c663b79b38b82494ad2bb7b50fb3288c614
16b78d57fa707e95968841f5d34626458795bf6378ef550801cb6b834ec768a4
19b7b6b4a1f19296356055c7c9acece85d63d319de9e3223665e3b9020da409a
1f000d02d5b2297fdd2b898c0af1def7898b9bc9c1ba3a71db7717c8e681b3c7
20b28a52ddc5d86f4e2fd74734e7d0c28cfaf5bbe42112268b902aeb95928abe
29228b69f3edb83441246d50804235451b6d6d0616ec3d5e1566bd841f204621
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
40a7f0dc9ecd558b2da98bb67d3257184530e713474922fde3254cfdcd21751c
4544b79fc104238a747fb310c5594c5b38ea8104804af558455859e545dfc0f0
49b1f22cef3e4872343184e18aadba0a716668d5a6a39250347f1d509fe5c69b
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
547e3cfbdee8551197e28eb07766feaab2fe9f3e072046e5377a73e4c016ec6c
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
68aa6cd546c93e46277f45eaf364f6a078421fd1b7691d609df3a8f88b8593b5
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
7f91e443482a6f9c755c7c1fe7b96cd2cc7bbfce2a1e6710cfc2774a31f34be6
823718c0c567dce1a5cc7ddab23d8218ef8eaab5cd7e0fd139e74e6b2c416457
8c6aed849a1905bcbfd003ec51ad4339ac8e239dc48dff2c8f11168f5abcd36b
9049b6cd2a18d27e2794ef8258ff3ff785ec341b52dcd255d512977036951bc7
94b487bf7acaaff6f7fb2796f4b6516c40b41d4cb325559b049859daba612b34
987449e4b4b047f1d50a5d348541f0ad0f5b586dfaeed91af0ccca7d24dee6a7
a067768cb192524f3da30c3ac2b635e3657b043a11ec1141d6ae3f282407a277
b6f674ac279c94d2217c8bf78bb84fbd0dea83372cb1624f433d6d38dc7f2124
d8e7b7c357835146572720b252f15cfea0e17ff37e75d499ed656871bbc23d0c
d8f7044bbb960a0c00051ce0f1af4a2ac9b9e2cd7a95b5acf9838095efcb9405
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e53e56c4c3f42d0f7654ddedfa5cb642a4c2a6389435c6e4ae65fbfafd9f12
f9c093de305696698c6cec53b4308cbe7e18618628c3b34c53843fd0970b29ef
fa156299bcc1f13b5d85bb78ea6e3917530b22b8d40a307e7a983d9a27ebdcbc