urlscan.io logo urlscan.io
SecurityTrails logo

icbc.com Open in urlscan Pro
2606:4700::6812:1650  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://icbc.com/
Effective URL: https://icbc.com/
Submission: On May 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 85 HTTP transactions. The main IP is 2606:4700::6812:1650, located in United States and belongs to CLOUDFLARENET, US. The main domain is icbc.com. The Cisco Umbrella rank of the primary domain is 346666.
TLS certificate: Issued by E1 on April 24th 2024. Valid for: 3 months.
This is the only time icbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

40    2606:4700::6812:1650 (United States)

ASN13335 (CLOUDFLARENET, US)
icbc.com
11    2600:9000:26db:e200:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.ctfassets.net
3    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    108.138.40.243 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-243.muc50.r.cloudfront.net
sc-static.net
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
tr6.snapchat.com
1    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
9    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com
siteintercept.qualtrics.com
5    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
siteintercept.qualtrics.com
Apex Domain
Subdomains		 Transfer
40 icbc.com
icbc.com — Cisco Umbrella Rank: 346666
977 KB
14 qualtrics.com
zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 908
104 KB
11 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3686
337 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 901
tr6.snapchat.com — Cisco Umbrella Rank: 1398
1 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
75 KB
3 typekit.net
use.typekit.net — Cisco Umbrella Rank: 448
p.typekit.net — Cisco Umbrella Rank: 565
27 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
280 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
307 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
250 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
250 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1134
19 KB
0 google.de Failed
www.google.de Failed
85 12
Domain Requested by
40 icbc.com icbc.com
13 siteintercept.qualtrics.com zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com
siteintercept.qualtrics.com
11 images.ctfassets.net icbc.com
4 tr.snapchat.com sc-static.net
icbc.com
3 connect.facebook.net icbc.com
connect.facebook.net
3 www.googletagmanager.com icbc.com
www.googletagmanager.com
2 www.facebook.com icbc.com
2 use.typekit.net icbc.com
use.typekit.net
1 tr6.snapchat.com sc-static.net
1 zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com icbc.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 p.typekit.net use.typekit.net
0 www.google.de Failed icbc.com
85 15
Subject Issuer Validity Valid
icbc.com
E1		 2024-04-24 -
2024-07-23		 3 months crt.sh
images.ctfassets.net
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
sc-static.net
Amazon RSA 2048 M03		 2023-12-21 -
2025-01-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-21 -
2024-05-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-21 -
2025-02-20		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-27 -
2025-02-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://icbc.com/
Frame ID: 9EC5D54B0C915DC8B58FCF1260A9BA67
Requests: 84 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1eef60b2-b7f8-4298-980c-b4279a5d3072&u_scsid=bc19975e-274f-4f01-9e17-fd42a41b9bd7&u_sclid=fd071037-f780-4ca0-86d4-59de46cfab92
Frame ID: 71245166A9E2FE6379A950981C1A40F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ICBC — Insurance Corporation of British Columbia

Page URL History Show full URLs

  1. http://icbc.com/ HTTP 307
    https://icbc.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

85
Requests

99 %
HTTPS

64 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

1820 kB
Transfer

4467 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://icbc.com/ HTTP 307
    https://icbc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
icbc.com/
Redirect Chain
  • http://icbc.com/
  • https://icbc.com/
172 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
e73da9a9f9e5aced66cf9abf9d6a1a11f42ad48965dd08f40eb0076bcdec3750
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8834bce02f06975c-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 18:33:36 GMT
link
<https://icbc.com/>; rel="alternate"; hreflang="en", <https://icbc.com/zh-Hans>; rel="alternate"; hreflang="zh-Hans", <https://icbc.com/pa>; rel="alternate"; hreflang="pa", <https://icbc.com/>; rel="alternate"; hreflang="x-default"
referrer-policy
origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-matched-path
/[locale]
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-execution-region
pdx1
x-vercel-id
fra1::pdx1::6nrzb-1715625216050-1f709accff6f
x-xss-protection
1; mode=block

Redirect headers

Location
https://icbc.com/
Non-Authoritative-Reason
HttpsUpgrades
1e7ef287c9d49f76-s.p.woff2
icbc.com/_next/static/media/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/1e7ef287c9d49f76-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec682605bd482308224ccbf524ed9ccb4ec100d85b023db8c64e53eaaa35601
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="1e7ef287c9d49f76-s.p.woff2"
content-length
33465
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::qhppm-1715625216522-5b46be1b2ff3
server
cloudflare
x-matched-path
/_next/static/media/1e7ef287c9d49f76-s.p.woff2
etag
"badaf8b15d16ab97b783f175d52c4b26"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce32bc1975c-FRA
1f02118ecd1cb8ec-s.p.woff2
icbc.com/_next/static/media/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/1f02118ecd1cb8ec-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd56d04acd3a3d46766bc068070e0f4989b831d2aab849d22f8cd2f7eadb8997
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="1f02118ecd1cb8ec-s.p.woff2"
content-length
37813
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::d4mcl-1715625216532-3ea26200334b
server
cloudflare
x-matched-path
/_next/static/media/1f02118ecd1cb8ec-s.p.woff2
etag
"6dbd738eb802cba12db09944df7e6f1f"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce32bc2975c-FRA
283994cfa651f03f-s.p.woff2
icbc.com/_next/static/media/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/283994cfa651f03f-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590bfe60f3d3c20ca94a25d3095df6fd84312aef23970cdf2406601aded61803
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="283994cfa651f03f-s.p.woff2"
content-length
14372
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::6rnd7-1715625216534-b99d472f98e3
server
cloudflare
x-matched-path
/_next/static/media/283994cfa651f03f-s.p.woff2
etag
"413206b4f3451a212a9f86ed81f09b43"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce32bc3975c-FRA
31f85985c25a79b4-s.p.woff2
icbc.com/_next/static/media/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/31f85985c25a79b4-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa7c7c187db8069f2d7e0bdeddad26189c3133701511112ad9802f9f27026cd2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
12191
content-disposition
inline; filename="31f85985c25a79b4-s.p.woff2"
content-length
40841
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::4dp58-1715625216533-ead2c16e3e32
server
cloudflare
x-matched-path
/_next/static/media/31f85985c25a79b4-s.p.woff2
etag
"766dc30bff92e3bd0255424b8a2b280d"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce32bc5975c-FRA
35cc13d17d5566ed-s.p.woff2
icbc.com/_next/static/media/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/35cc13d17d5566ed-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1181a71db88bd63d71a3bb89d102545774584186f1b45ecfc5df2541d72e131
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
9615
content-disposition
inline; filename="35cc13d17d5566ed-s.p.woff2"
content-length
36049
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::bsx2x-1715625216533-99fb1530a289
server
cloudflare
x-matched-path
/_next/static/media/35cc13d17d5566ed-s.p.woff2
etag
"f22f94ecebfb90a784bb70d5e3ec778b"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce32bc8975c-FRA
3e7f31236d01f7e0-s.p.woff2
icbc.com/_next/static/media/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/3e7f31236d01f7e0-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75438c28800111b1bce9d5537cd7261537b0e3a2f5ec01a1fccffe1acf24c00
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="3e7f31236d01f7e0-s.p.woff2"
content-length
7352
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::6vxtz-1715625216534-2ec2b6122d0f
server
cloudflare
x-matched-path
/_next/static/media/3e7f31236d01f7e0-s.p.woff2
etag
"dd128bf35a93b25be846d141292fa609"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce32bcc975c-FRA
3ead03e05d7e317e-s.p.woff2
icbc.com/_next/static/media/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/3ead03e05d7e317e-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a219a0e7e4f8bef6a73b50795121a4454a656ea323e42d15fabf2e017b033652
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="3ead03e05d7e317e-s.p.woff2"
content-length
42745
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::csl7t-1715625216543-77cf2a0005c1
server
cloudflare
x-matched-path
/_next/static/media/3ead03e05d7e317e-s.p.woff2
etag
"cc5713cfb42ae749c469c2de012b7d3d"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce32bd0975c-FRA
47f64c09cab76d88-s.p.woff2
icbc.com/_next/static/media/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/47f64c09cab76d88-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3394cfc35c1165584b374e3afecb3c29823c73eb17042ac60b0cfe0aa546a30
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="47f64c09cab76d88-s.p.woff2"
content-length
33621
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::zvmhr-1715625216549-ecafc702815b
server
cloudflare
x-matched-path
/_next/static/media/47f64c09cab76d88-s.p.woff2
etag
"78347c9e068df84748547277de5be21c"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce32bd2975c-FRA
4aa2cf96c6da58d6-s.p.woff2
icbc.com/_next/static/media/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/4aa2cf96c6da58d6-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6046e308e739d62823757333e7fd4b324e97cbc0376a8ad5ef3f6512baee1b74
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="4aa2cf96c6da58d6-s.p.woff2"
content-length
35425
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::v8lkt-1715625216553-25408d0277ac
server
cloudflare
x-matched-path
/_next/static/media/4aa2cf96c6da58d6-s.p.woff2
etag
"7dcfb23223e1eca84eed7cf5b75be06b"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34bf9975c-FRA
55725e51d6c73740-s.p.woff2
icbc.com/_next/static/media/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/55725e51d6c73740-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa7ff461f24ba9eed0c062c7d2276c2ff4cfcaba9019c50a090b2d90fc96aab
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="55725e51d6c73740-s.p.woff2"
content-length
35489
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::4csfz-1715625216578-dacf96a6ab13
server
cloudflare
x-matched-path
/_next/static/media/55725e51d6c73740-s.p.woff2
etag
"6f30bf8ecf257616954789f59c948e8b"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34bfc975c-FRA
565c3ec04446fcc2-s.p.woff2
icbc.com/_next/static/media/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/565c3ec04446fcc2-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a62a88055d3a50685aefd8efa486769cbf8061fb4ae2ef33fc1b376de45331
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="565c3ec04446fcc2-s.p.woff2"
content-length
36861
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::8m6t4-1715625216563-0b9526d47cef
server
cloudflare
x-matched-path
/_next/static/media/565c3ec04446fcc2-s.p.woff2
etag
"65cbcf5c4eab984802ab1c177f3a14aa"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c00975c-FRA
57788fe4dfd3bcc5-s.p.woff2
icbc.com/_next/static/media/ 		31 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/57788fe4dfd3bcc5-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca4f60a6a5a847e7428b93faa8d0e6f3889db8f56893ff43691f55032edb067
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="57788fe4dfd3bcc5-s.p.woff2"
content-length
32037
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::6vxtz-1715625216550-69839b6411b8
server
cloudflare
x-matched-path
/_next/static/media/57788fe4dfd3bcc5-s.p.woff2
etag
"2a5b113613c671217d32c12a65859047"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c03975c-FRA
6aa16e9c90846751-s.p.woff2
icbc.com/_next/static/media/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/6aa16e9c90846751-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c176163d632c0d53b3ef7bb39be29225698dc5432b447236c0a3a344af2f1a1c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="6aa16e9c90846751-s.p.woff2"
content-length
36525
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::4csfz-1715625216565-3b91fc7a283c
server
cloudflare
x-matched-path
/_next/static/media/6aa16e9c90846751-s.p.woff2
etag
"309d9b712c063a0928f2251ae24201b4"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c06975c-FRA
902218041fae52a5-s.p.woff2
icbc.com/_next/static/media/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/902218041fae52a5-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa44fa4856bb6e9cc841f113c6d8d13e6f56b337b70d7485b64ee2d26e764706
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="902218041fae52a5-s.p.woff2"
content-length
39337
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::jx6dw-1715625216557-b878a565ca0f
server
cloudflare
x-matched-path
/_next/static/media/902218041fae52a5-s.p.woff2
etag
"8726cbb8853f5368bdb915fc95046e33"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c07975c-FRA
b21a3175e93aceac-s.p.woff2
icbc.com/_next/static/media/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/b21a3175e93aceac-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f06039dad4831b50960fd0e3a7ad7b70678ecd565274488f20eb267963d399bc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="b21a3175e93aceac-s.p.woff2"
content-length
38801
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::zvmhr-1715625216568-1a6591f6a9ab
server
cloudflare
x-matched-path
/_next/static/media/b21a3175e93aceac-s.p.woff2
etag
"197ef68aff47da34e0e5d0e39824d3a6"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c08975c-FRA
b262a489e0b9870f-s.p.woff2
icbc.com/_next/static/media/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/b262a489e0b9870f-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7700d5cbe9540a521d1f2d276e767026149ddd2ad2b38e016204778a15c39cc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="b262a489e0b9870f-s.p.woff2"
content-length
42461
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::2thh5-1715625216570-5eff29493196
server
cloudflare
x-matched-path
/_next/static/media/b262a489e0b9870f-s.p.woff2
etag
"d5e28ca14262445b4072954e380608ee"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c0b975c-FRA
d14f9a17a1dc3357-s.p.woff2
icbc.com/_next/static/media/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/d14f9a17a1dc3357-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d515b59ca9d7c3a4562c45a331fc4ad0cae24967545218cb7c584356843b1d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11057
content-disposition
inline; filename="d14f9a17a1dc3357-s.p.woff2"
content-length
36561
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::2fvh5-1715625216553-a7e1fb1f4885
server
cloudflare
x-matched-path
/_next/static/media/d14f9a17a1dc3357-s.p.woff2
etag
"7f83ffe4a439af878285b52cd1ac4a02"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c0e975c-FRA
d4788e3d56435b4d-s.p.woff2
icbc.com/_next/static/media/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/d4788e3d56435b4d-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae37b1eeac77036be39d5a8bd64a0bbe7dae76a1904980fcefd31a68fb256be
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="d4788e3d56435b4d-s.p.woff2"
content-length
36005
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::zzkr2-1715625216574-fdec755ce005
server
cloudflare
x-matched-path
/_next/static/media/d4788e3d56435b4d-s.p.woff2
etag
"362a6457b6814d6808716cac22f9edc1"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c10975c-FRA
edecec0774f0d47b-s.p.woff2
icbc.com/_next/static/media/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/edecec0774f0d47b-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a0d1533e51d405b8038338aa45ed272d8f7167747325854cd11683c87c07e1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="edecec0774f0d47b-s.p.woff2"
content-length
39013
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::dx2qh-1715625216564-d8aaf2bd6e06
server
cloudflare
x-matched-path
/_next/static/media/edecec0774f0d47b-s.p.woff2
etag
"2b5cde3e98b7ff42db94ed82f783ada9"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c12975c-FRA
f91bec5599f17724-s.p.woff2
icbc.com/_next/static/media/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/media/f91bec5599f17724-s.p.woff2
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a76a7f6a7b7921e574bc2303b94fdfcf7f4519be7caf9a8b244e5ab1e63a19
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-disposition
inline; filename="f91bec5599f17724-s.p.woff2"
content-length
37789
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::2sb7r-1715625216574-4025f5da8a86
server
cloudflare
x-matched-path
/_next/static/media/f91bec5599f17724-s.p.woff2
etag
"edd331ffb5088e84351c186eb1c9ac09"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
8834bce34c15975c-FRA
card-dl_1_.svg
images.ctfassets.net/nnc41duedoho/4W6WcV41n0rGOytR2RAt7j/db098c2ef5cffe0317d3a15bc16a8fbd/ 		914 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/4W6WcV41n0rGOytR2RAt7j/db098c2ef5cffe0317d3a15bc16a8fbd/card-dl_1_.svg
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
6ed6c0d10a1e3acfaadc42a1803145bed34bb4afb8d23b3097e43dc8d1e2ed87

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 02:47:38 GMT
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 18:11:43 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
56759
etag
"fdd367f105d5024c0f8b5592b5b496e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
914
x-amz-cf-id
2m8I_HYA0KeUyH2lKX9B9spVTUwrPqzYTREUBJATADV8axF_MSxmKg==
card-vr.svg
images.ctfassets.net/nnc41duedoho/2qiSt57p5lTPhdfNKSxpKs/d07c81b851f698863526ec0fb489663c/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/2qiSt57p5lTPhdfNKSxpKs/d07c81b851f698863526ec0fb489663c/card-vr.svg
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
ca77c473a35cf497d460d1703caf9f3f495360a95b2a0485a96aba7c8fa5a282

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 03:30:52 GMT
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 18:11:45 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
54165
etag
W/"15080b065fac83b50f09f0c710a588a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
TjfLCqxyBulPcDZQlCMSlyPslLje5l-4HlF-khVkP4M60sBo24Wn7w==
card-ins.svg
images.ctfassets.net/nnc41duedoho/5icceLDI2SgZuZVhSNFmml/47930b6638ebbab7823e4783397340b8/ 		1 KB
966 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/5icceLDI2SgZuZVhSNFmml/47930b6638ebbab7823e4783397340b8/card-ins.svg
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
d930532cc1526d1e49ed0752e23047abffc70dfcd530475e39d3b705a8daf2bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 02:14:59 GMT
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 18:11:44 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
58718
etag
W/"a16ff12b538f84604d21927f45d419fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
bKmASHnglRFREbHX_pU_4QpFQyXNdzMOjztFAz_P-FyyZQs_jh-bpw==
card-clm.svg
images.ctfassets.net/nnc41duedoho/7yHHVbYTdHkX5YCsJaJ6nT/9f835fe970afb9748c8933ba3c9a0a10/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/7yHHVbYTdHkX5YCsJaJ6nT/9f835fe970afb9748c8933ba3c9a0a10/card-clm.svg
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
9884094c543c5cdf02872121ac35bd20cbb3ed7fa976c633bdc22612b0285d8b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 02:14:59 GMT
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 18:11:43 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
58718
etag
W/"5812804b86bf22e97a5fa8acd9947a61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
nA5Trirvw4gatUIH4Hp8nS_Vo19ISDrh0dh9q1oQdbyeeaXCB0OMFw==
3960d47b727c454d.css
icbc.com/_next/static/css/ 		58 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/css/3960d47b727c454d.css
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5ee7fc87fd90f5435b21faecd1f3d701e3d2583234ce7f9e9ee85a59d75448
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="3960d47b727c454d.css"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::2fvh5-1715625216530-d1301b981f09
server
cloudflare
x-matched-path
/_next/static/css/3960d47b727c454d.css
etag
W/"8e9796970140f71b5a4f2f57baebab9c"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce32bbe975c-FRA
b36d2f988e8fef0f.css
icbc.com/_next/static/css/ 		815 B
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/css/b36d2f988e8fef0f.css
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13c643ced5ff098830096e4076364eada5583f535a8e40b31df4456ef62d2f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="b36d2f988e8fef0f.css"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::j7pm2-1715625216532-fc58ba1e402a
server
cloudflare
x-matched-path
/_next/static/css/b36d2f988e8fef0f.css
etag
W/"ebb300cbb578144bf6e1b7bda7b70f01"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce32bc0975c-FRA
webpack-ad4f60409b2f6148.js
icbc.com/_next/static/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/webpack-ad4f60409b2f6148.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb19499b62f8820f08c8754a6d3448f235256da35db81937c58c204fbb28ccb2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="webpack-ad4f60409b2f6148.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::6cbfq-1715625216570-6f2b1f687520
server
cloudflare
x-matched-path
/_next/static/chunks/webpack-ad4f60409b2f6148.js
etag
W/"31db9c9934dd22fa24c39ecf20090316"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c18975c-FRA
781f17b4-281d5c45069c3768.js
icbc.com/_next/static/chunks/ 		168 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/781f17b4-281d5c45069c3768.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16dcc203507c8177673666f52a2641f1662d41dac5c232ac6dbaa90816fca9fd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="781f17b4-281d5c45069c3768.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::gvqsv-1715625216566-6a487798d5f6
server
cloudflare
x-matched-path
/_next/static/chunks/781f17b4-281d5c45069c3768.js
etag
W/"1b4824f4a8153eb370b46695b0a6975f"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c19975c-FRA
875-efefbf31cf854a89.js
icbc.com/_next/static/chunks/ 		110 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/875-efefbf31cf854a89.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d062edd37fd4fe2135a3e4c1e8cf9cbda5ce0c1d7a868a152999f5fa6daa249
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="875-efefbf31cf854a89.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::k6nhs-1715625216573-5b427480a289
server
cloudflare
x-matched-path
/_next/static/chunks/875-efefbf31cf854a89.js
etag
W/"a3e7164a954d0a8e2fd0149ee4c11b09"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c1b975c-FRA
main-app-3aa0ac0619c8d962.js
icbc.com/_next/static/chunks/ 		462 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/main-app-3aa0ac0619c8d962.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc34bc59b84144c04d67a4a2fcd9381f7935ec65b20c93c2f27d23fa5b096de
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="main-app-3aa0ac0619c8d962.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::lqkv6-1715625216567-0538d59e608f
server
cloudflare
x-matched-path
/_next/static/chunks/main-app-3aa0ac0619c8d962.js
etag
W/"fe87bf30f02fed68396a8711970efc41"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c1c975c-FRA
247-707ab6ae0f23700c.js
icbc.com/_next/static/chunks/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/247-707ab6ae0f23700c.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8afc7141d633fbf7ded8bc98404edecf8d2deca9a76acf246881a45d3244f97d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="247-707ab6ae0f23700c.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::j7pm2-1715625216564-e7bc5dcde32a
server
cloudflare
x-matched-path
/_next/static/chunks/247-707ab6ae0f23700c.js
etag
W/"d7a3cfa1fa1e9561198baacdedc7efe8"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c1f975c-FRA
548-a6fc784d96de335d.js
icbc.com/_next/static/chunks/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/548-a6fc784d96de335d.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c8755ee5d44fbbad8e111632db780de370c2be2dce36a558d5aa060d534f5bf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="548-a6fc784d96de335d.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::ttkg2-1715625216576-76cdfb8ed38f
server
cloudflare
x-matched-path
/_next/static/chunks/548-a6fc784d96de335d.js
etag
W/"757910333aea3bae8bdc995a3d39ebbe"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c21975c-FRA
layout-48f2666906bfff76.js
icbc.com/_next/static/chunks/app/(site)/%5Blocale%5D/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/app/(site)/%5Blocale%5D/layout-48f2666906bfff76.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fa574b573159791bd49520a895fd96bc1e139d0f31cd3a155122b3f8d582a4e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="layout-48f2666906bfff76.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::j7pm2-1715625216554-6ed8051567c0
server
cloudflare
x-matched-path
/_next/static/chunks/app/(site)/%5Blocale%5D/layout-48f2666906bfff76.js
etag
W/"61bafeef39d36f7234677c5e70be8719"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c22975c-FRA
error-f0269210e2a9399a.js
icbc.com/_next/static/chunks/app/(site)/ 		1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/app/(site)/error-f0269210e2a9399a.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb354b0b71a6855e7348208a2981cb2012f0351ca75184db48db620d603d65e7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="error-f0269210e2a9399a.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::g96l5-1715625216577-1e2de0caaef0
server
cloudflare
x-matched-path
/_next/static/chunks/app/(site)/error-f0269210e2a9399a.js
etag
W/"806ad181ad43f3b1ea54c429a7a10c9f"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c23975c-FRA
151-bff137d4518f167b.js
icbc.com/_next/static/chunks/ 		211 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/151-bff137d4518f167b.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ae990175769f33a8944eceeb9743f4ec5267be2fd439458f2db9d25f59550f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="151-bff137d4518f167b.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::csl7t-1715625216580-35a0f7f59f54
server
cloudflare
x-matched-path
/_next/static/chunks/151-bff137d4518f167b.js
etag
W/"564e0283a56bb7bff71776c28c3602c4"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c25975c-FRA
761-20222543cce07e7d.js
icbc.com/_next/static/chunks/ 		1 MB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/761-20222543cce07e7d.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ec3e2c6c14684cb12d52f1451404e6b1d8444cd8ba67cc0ba71de17de8b3fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11416
content-encoding
gzip
content-disposition
inline; filename="761-20222543cce07e7d.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::94dhj-1715625216566-fa9da5a92062
server
cloudflare
x-matched-path
/_next/static/chunks/761-20222543cce07e7d.js
etag
W/"e58202fbb66a8f00baddf2e089df4a4d"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c27975c-FRA
page-f98aa57f72614363.js
icbc.com/_next/static/chunks/app/(site)/%5Blocale%5D/%5B...slug%5D/ 		163 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/app/(site)/%5Blocale%5D/%5B...slug%5D/page-f98aa57f72614363.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
324a9077e9d0f579f57b59d383ba36843d92a121ea61bbe7c74769af13bf13f4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
12191
content-encoding
gzip
content-disposition
inline; filename="page-f98aa57f72614363.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::8xhx9-1715625216578-fc292dbc5f79
server
cloudflare
x-matched-path
/_next/static/chunks/app/(site)/%5Blocale%5D/%5B...slug%5D/page-f98aa57f72614363.js
etag
W/"5eaca2a3af532a86c3f7f3e0fe2a567d"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c2a975c-FRA
gtm.js
www.googletagmanager.com/ 		303 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-594KZTL
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ed2760917e5c67a0cd3efa8beae7f1de4bb458bbae99cd8798a48858b24e844
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100059
x-xss-protection
0
last-modified
Mon, 13 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 18:33:36 GMT
vqe3xdm.css
use.typekit.net/ 		3 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/vqe3xdm.css
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fbe7f912a9cab6a32b5228e9085c7c00610cc171a7f89cef90a7c3ee84427f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 13 May 2024 18:33:36 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
744
webpack-ad4f60409b2f6148.js
icbc.com/_next/static/chunks/ 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://icbc.com/_next/static/chunks/webpack-ad4f60409b2f6148.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb19499b62f8820f08c8754a6d3448f235256da35db81937c58c204fbb28ccb2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
age
11416
content-disposition
inline; filename="webpack-ad4f60409b2f6148.js"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::6cbfq-1715625216570-6f2b1f687520
server
cloudflare
x-matched-path
/_next/static/chunks/webpack-ad4f60409b2f6148.js
etag
W/"31db9c9934dd22fa24c39ecf20090316"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
8834bce34c18975c-FRA
p.css
p.typekit.net/ 		5 B
173 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=vqe3xdm&ht=tk&f=9751.9752.9753.9754&a=151256356&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vqe3xdm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
Headlights-single-width-389x565-rebate.png
images.ctfassets.net/nnc41duedoho/1zV4JUREt1t2hsBmC7vFge/0bcbbf1ee9e10f4f79947164ef4db064/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/1zV4JUREt1t2hsBmC7vFge/0bcbbf1ee9e10f4f79947164ef4db064/Headlights-single-width-389x565-rebate.png
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
e6710925f633f07b29e326ecb41621f0f23aeb6120bc90c220e25164af4c5ac3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 04:42:27 GMT
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Mon, 06 May 2024 16:40:16 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
49870
etag
"6a36a3e467bfc53f41203cdf59f2e8c9"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
11981
x-amz-cf-id
1-uLVM3BaFOa19BLZhlfaUH6jyh4uRqtH8svqNZB5pkYD2mje0dc8Q==
headlight-speed-campaign.png
images.ctfassets.net/nnc41duedoho/7elyAo4XIx8n1M1mZMdXsk/ed6aa4bf02429ace7fbe77e18d5b28e7/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/7elyAo4XIx8n1M1mZMdXsk/ed6aa4bf02429ace7fbe77e18d5b28e7/headlight-speed-campaign.png
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
3e4b2ee1e8e7f1a3317572158145927de36c1e559eb8b722758f16cd2e66f7a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 02:11:06 GMT
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 18:52:53 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
58951
etag
"a50ed3c1854a516d5f996509e5d7862e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
46839
x-amz-cf-id
RhrkkMuaxEMenPg2tYbEAEB2U8I8eTJQb1RsThk2bvWFFDIAvUtlaQ==
online-renewals-headlight.png
images.ctfassets.net/nnc41duedoho/4tgDnu3ZhVJVCmVUtS242M/d816d919d11d48c80f03e467d0882834/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/4tgDnu3ZhVJVCmVUtS242M/d816d919d11d48c80f03e467d0882834/online-renewals-headlight.png
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
042756f370bab8fd1f3a0747a9df91d6e687d30363110e5514d31189fc54c0a4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 07:56:09 GMT
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 23:47:06 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
38248
etag
"c4fdf241c1dd8fa0f00e8965c5beeedb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
28901
x-amz-cf-id
MzI3HJZ6fX24vHPvK5-82CnrTWuA6mJeUwkOxY9c45S89pq8JbWXLA==
motorcycle-headlight.png
images.ctfassets.net/nnc41duedoho/6smGlW8kQlzQAyCQGFlmzy/e35570cea00a7bf3c087d7d736be4bdb/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/6smGlW8kQlzQAyCQGFlmzy/e35570cea00a7bf3c087d7d736be4bdb/motorcycle-headlight.png
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
7df9b718ba46abfa55c7d4c4b5740d8cf51b1610759a7c927f8af57f01ca4569

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 02:44:45 GMT
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Tue, 30 Apr 2024 21:51:51 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
56932
etag
"aba91a8cdba2a174614f26cd6c17979a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
24613
x-amz-cf-id
DgvkIq7ACE4DAmB0Musez1iEibbKh6D3r3YANAMzBQFbBNoxzVhxKg==
locatorbg-min.png
images.ctfassets.net/nnc41duedoho/gs8JUmDuEi2y6gJyoMFP2/3128c81ed9801dfe9b749e75bc1ce81d/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/gs8JUmDuEi2y6gJyoMFP2/3128c81ed9801dfe9b749e75bc1ce81d/locatorbg-min.png
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
cfdbd2a216c56339816d130598dcc64cd259d14a4be90626ac66d16843dc3b6b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 03:54:54 GMT
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 20:46:26 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
52723
etag
"d1a8e30af5c9950c484f7c8dee6b60ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
122663
x-amz-cf-id
vMkHERTvdDOV8ci7Am9PGNoSjdnhCEdlIO8i2uzxRtNDIwNYPzs33g==
l
use.typekit.net/af/2a6bd8/00000000000000007735fdda/30/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2a6bd8/00000000000000007735fdda/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/vqe3xdm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b69be10a47896150abc611abd03942a770c4a0a8f0e7614dd06ced1012de1906

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.typekit.net/vqe3xdm.css
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
server
nginx
etag
"3e1f29e084ac6bb5b89ddbbd6afa6af73434b974"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26168
icbc-logo-blue.svg
images.ctfassets.net/nnc41duedoho/1x4d9a8J6jc0QyadIBoiTY/0aa77c3f2b4738dd9d740e6957ca70ea/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/1x4d9a8J6jc0QyadIBoiTY/0aa77c3f2b4738dd9d740e6957ca70ea/icbc-logo-blue.svg?w=64&q=75
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
2a670842261a3539487f036f68c4f5b259ce572aa22c57eddb9f5db5686badd2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 05:26:53 GMT
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Tue, 26 Mar 2024 05:28:40 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
47203
etag
W/"0a6185def7eeff7db39a4108e3996ec3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
707
x-amz-cf-id
iC99u5OufunifiRdLia-QDJE2S6-fK0DfsAgwItqbhvNQDUbc99e5Q==
nav-search.svg
icbc.com/icons/ 		519 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icbc.com/icons/nav-search.svg
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1af4a6916bf56174213b49d78ade9d18678945a1e4184875074bbe38829d8e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
12190
content-encoding
gzip
content-disposition
inline; filename="nav-search.svg"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::77kxk-1715625216867-c34e33fc1ce7
server
cloudflare
x-matched-path
/icons/nav-search.svg
etag
W/"19af0975559e158fc096c990db3f583a"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8834bce55ef0975c-FRA
ICBC-hero-970x970-BTN-savingtime.jpg
images.ctfassets.net/nnc41duedoho/50WPqKExvqJ6o5uv23WQIg/8a7d426fa91744a7f05b21366832d9eb/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/nnc41duedoho/50WPqKExvqJ6o5uv23WQIg/8a7d426fa91744a7f05b21366832d9eb/ICBC-hero-970x970-BTN-savingtime.jpg?q=75
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:e200:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c668bfdfc27d10a51009a5afce85d22136a7b97363e2721fc1cbe735135d9504

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 15:25:45 GMT
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Thu, 25 Apr 2024 18:17:59 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
11271
etag
"069560b5b0672e04b81e0facbb4fec86"
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
101506
x-amz-cf-id
-a98kBp86HfxCSaNbQfQuwEEPj11aIJCKyRU9KECbKj0iJKDBPjaZw==
arrow-right.svg
icbc.com/icons/ 		270 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icbc.com/icons/arrow-right.svg
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402dbbaa73c4e85e4315cae01b2097feb15d45dcd5da0ace1282ee81a3a16fc9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
12162
content-encoding
gzip
content-disposition
inline; filename="arrow-right.svg"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::nxw42-1715625216867-4c9658c04f6e
server
cloudflare
x-matched-path
/icons/arrow-right.svg
etag
W/"28c2160eff570d28a065d97f19aaf3f7"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8834bce55ef1975c-FRA
blue-circle-arrow-29px.svg
icbc.com/icons/ 		415 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://icbc.com/icons/blue-circle-arrow-29px.svg
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932fc150fc9e41ab3b06d8be16fe8fab24c95640343ba9640420c2dcbe84f2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
10349
content-encoding
gzip
content-disposition
inline; filename="blue-circle-arrow-29px.svg"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::z8mmn-1715625216867-643da4d1b442
server
cloudflare
x-matched-path
/icons/blue-circle-arrow-29px.svg
etag
W/"67185dac4d24fd81af0b985a26ddb544"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8834bce55ef3975c-FRA
js
www.googletagmanager.com/gtag/ 		295 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7WC0SG7DZD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-594KZTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0367f9a90ca0dee100260c2b3492a17c56ea8cbc60e2e5024f4cc69f1b668d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101938
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 18:33:36 GMT
destination
www.googletagmanager.com/gtag/ 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-975064604&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-594KZTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50afd7339018fd9308d527fa6fdb3dd3bf13e7f4ace450ac23d17a4d849c75b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83668
x-xss-protection
0
last-modified
Mon, 13 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 18:33:36 GMT
scevent.min.js
sc-static.net/ 		44 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-594KZTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.40.243 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-40-243.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5ef6d7000762e103c3a5d0451a96a8175675226cb598799db8a74738e704ad21

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
content-encoding
gzip
via
1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
19189
x-amz-cf-id
ATb8PKbSAoZ4GWLybpbkY2P5QP4UHH5l9xmXWrAXhuZm_R05eTyPXA==
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 18:33:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=14, mss=1294, tbw=2785, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
Cuu8b/9K99fPs0Ce3N4lscX9SmrVsT9+N4nxhoI8upjigt4TFT9QK7BQLPIkcZO/nVopcO/tvOz7YJL6CJJwcA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
icbc.com/ 		131 B
596 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://icbc.com/?_rsc=1bz6h
Requested by
Host: icbc.com
URL: https://icbc.com/_next/static/chunks/875-efefbf31cf854a89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
438e9f784a259d24ff5ee6e3d4f54d7c4a9a3fdcc30e5f799d0a59fb52613734
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Next-Router-State-Tree
%5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%5B%22locale%22%2C%22en%22%2C%22d%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D%7D%5D
Next-Router-Prefetch
1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Next-Url
/en
Referer
https://icbc.com/
RSC
1
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
cf-cache-status
DYNAMIC
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-powered-by
Next.js
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::pdx1::wqqfr-1715625216928-b7b23fc254ce
server
cloudflare
x-matched-path
/[locale].rsc
x-vercel-cache
MISS
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-frame-options
SAMEORIGIN
content-type
text/x-component
x-vercel-execution-region
pdx1
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-ray
8834bce5bf5c975c-FRA
link
<https://icbc.com/>; rel="alternate"; hreflang="en", <https://icbc.com/zh-Hans>; rel="alternate"; hreflang="zh-Hans", <https://icbc.com/pa>; rel="alternate"; hreflang="pa", <https://icbc.com/>; rel="alternate"; hreflang="x-default"
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7WC0SG7DZD&gtm=45je4580v883979682z89122642718za200&_p=1715625216876&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1256787702.1715625217&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715625217&sct=1&seg=0&dl=https%3A%2F%2Ficbc.com%2F&dt=ICBC%20%E2%80%94%20Insurance%20Corporation%20of%20British%20Columbia&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1080
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7WC0SG7DZD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 18:33:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://icbc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7WC0SG7DZD&cid=1256787702.1715625217&gtm=45je4580v883979682z89122642718za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7WC0SG7DZD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 13 May 2024 18:33:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://icbc.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
1eef60b2-b7f8-4298-980c-b4279a5d3072.js
tr.snapchat.com/config/com/ 		175 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/com/1eef60b2-b7f8-4298-980c-b4279a5d3072.js?v=3.16.3-2405090301
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
c75770844abf01f6b0786b4c1ff673280aec1020264b1ffa6c3659e3b73bcf20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Origin
https://icbc.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://icbc.com
x-envoy-upstream-service-time
96
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
i
tr.snapchat.com/cm/ Frame 7124 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=1eef60b2-b7f8-4298-980c-b4279a5d3072&u_scsid=bc19975e-274f-4f01-9e17-fd42a41b9bd7&u_sclid=fd071037-f780-4ca0-86d4-59de46cfab92
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://icbc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 13 May 2024 18:33:37 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
2
p
tr.snapchat.com/ 		68 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=1eef60b2-b7f8-4298-980c-b4279a5d3072&ev=PAGE_VIEW&intg=gtm&pids=1eef60b2-b7f8-4298-980c-b4279a5d3072&u_c1=448bb2a0-6678-4c1d-88b5-affc8cdfec07&u_sclid=fd071037-f780-4ca0-86d4-59de46cfab92&u_scsid=bc19975e-274f-4f01-9e17-fd42a41b9bd7&bt=1d53c387&d_a=x86&d_bvs=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&d_os=10.0.0&d_ot=Win32&df=true&huah=true&m_dcl=894&m_fcps=905&m_pi=894&m_pl=0&m_pv=2&m_rd=1105&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Ficbc.com%2F&trackId=8b5ee7ad-d3cf-4994-881b-0791c47ad24f&ts=1715625217066&v=3.16.3-2405090301
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
689585411898611
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/689585411898611?v=2.9.156&r=stable&domain=icbc.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1f8d63a58f6d4cc3c0efa1adbf8a10b3d95f7cd333dcf01753c70b06bd79676c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 18:33:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13510
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=59, mss=1294, tbw=63324, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
Pvn2uZUO4TF2wKfif3I0Tw9rbh+nkY6Fsxy0XboKpCyZi4Q1MukL1fAfZjUHNla0iVsmlw0gbsfELlXNQSHHnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
3320113474730438
connect.facebook.net/signals/config/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3320113474730438?v=2.9.156&r=stable&domain=icbc.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
f42236b924b38c1ebf7f4d1dd4dee7dfaed4ae3f7333e035a382c539b7a38700
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 18:33:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=65, ullat=0
pragma
public
x-fb-debug
uMwOKRoUoQvuSRw/DRnSzQFcfX4zinFgKWKG4D9EqDAFRbOSiDDZYpWFuePvrH/y7HlrP3DsfIFfgUauw58Myw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=689585411898611&ev=PageView&dl=https%3A%2F%2Ficbc.com%2F&rl=&if=false&ts=1715625217197&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715625217196.485368900&cs_est=true&ler=empty&cdl=API_unavailable&it=1715625217077&coo=false&rqm=GET
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1294, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 May 2024 18:33:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3320113474730438&ev=PageView&dl=https%3A%2F%2Ficbc.com%2F&rl=&if=false&ts=1715625217198&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715625217196.485368900&ler=empty&cdl=API_unavailable&it=1715625217077&coo=false&rqm=GET
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1294, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 May 2024 18:33:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com/SIE/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1SmTssDOZ1QLEHA
Requested by
Host: icbc.com
URL: https://icbc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6015774dbe2a4cf42adaa11b70bc6d4b1f7ca48d85d65bec5b4103c830d7204a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
233877
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2670-YX1D5YNC/JUKwyt5oqeB6UUKypA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8834bce86a2e5d5f-FRA
favicon.ico
icbc.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://icbc.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1650 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d4af62678a9fc259be8bddf1ca8a91a067568626045c28de6c363a5c727680
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
content-security-policy
default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
DYNAMIC
age
11056
content-encoding
gzip
content-disposition
inline; filename="favicon.ico"
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
x-vercel-id
fra1::lm2ff-1715625217288-8173a7f91fa3
server
cloudflare
x-matched-path
/favicon.ico
etag
W/"fce854f1d1361c605f63bf7cf7a424f0"
x-vercel-cache
HIT
x-frame-options
SAMEORIGIN
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8834bce7eb19975c-FRA
p
tr6.snapchat.com/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr6.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
0
via
1.1 google
server
API Gateway
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
12.0be1301d54981f0d910b.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Requested by
Host: zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com
URL: https://zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1SmTssDOZ1QLEHA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33ab27a0d762dd77f0cddbf1c173910a2babad8e246960f296d1c142e10390a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
412809
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
server
cloudflare
etag
W/"1267d-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8834bce8daa55d5f-FRA
p
tr.snapchat.com/ 		0
85 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://icbc.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		14 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1SmTssDOZ1QLEHA&Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e354aa840d7dda3982f8812a5c844d8791bee18d36c83dcac7a5c5e9dfd6315a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
content-type
application/json
access-control-allow-origin
https://icbc.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
fcd38af47044b3bc
timing-allow-origin
*
cf-ray
8834bce94b405d5f-FRA
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6629ce1123fe7b367448af7d50d3dd4617249c41cecb7ff45f4b887b92a22bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
412808
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
server
cloudflare
etag
W/"19719-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8834bcea5c775d5f-FRA
7.ad7af24456cfea5f2e92.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/7.ad7af24456cfea5f2e92.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc
Requested by
Host: zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com
URL: https://zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1SmTssDOZ1QLEHA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd952120f2df7bd15ccf4114a02888d39640daa9296a2126d6db34ab0727b20b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
412807
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
server
cloudflare
etag
W/"b52-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8834bceadd195d5f-FRA
1.501605ce4477bfa69af3.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.501605ce4477bfa69af3.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc
Requested by
Host: zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com
URL: https://zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1SmTssDOZ1QLEHA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b99d6c3d7225971e351d349a3170361a9ea0a3319582e15faaca5d859e36588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
412807
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
server
cloudflare
etag
W/"73f8-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8834bceadd1c5d5f-FRA
WebResponsiveDialogModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/WebResponsiveDialogModule.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aefe18be7468a75b8554114970710a06f4bd9657236e1ebf7769e71a943e2817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
412779
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
server
cloudflare
etag
W/"a99c-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8834bceadd1d5d5f-FRA
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02690e890c863fdffae6d035ce65bd1212c55d72a95a9d65efcf07f30299264d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
412807
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
server
cloudflare
etag
W/"10098-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8834bceadd1e5d5f-FRA
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_8kUwRdBn4tm6dMO&Version=26&Q_ORIGIN=https://icbc.com&Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea50c4802f0333883410e7a6115a5c22ab2e5395efb1404215a3bd126a6efbde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

servershortname
date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
589791
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 May 2024 22:43:46 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8834bceb19441e66-FRA
expires
Thu, 04 May 2034 22:43:46 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		1 KB
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_3lQ0fJFhK3h4V2C&Version=24&Q_InterceptID=SI_8kUwRdBn4tm6dMO&Q_ORIGIN=https://icbc.com&Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bacc644ebf5d5733a53213104627199cd0475a9005e0070f3ebe7f4190569395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

servershortname
date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
293783
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 10 May 2024 08:57:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8834bceb194b1e66-FRA
expires
Mon, 08 May 2034 08:57:14 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		934 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_3K1w6HrMl6Ysvhs&Version=16&Q_ORIGIN=https://icbc.com&Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b077759b7877528e67c1e40e5a8b3042cc089bfddc2217d3a94d51fdb24bf7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

servershortname
date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
104533
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 12 May 2024 13:31:24 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8834bceb194d1e66-FRA
expires
Wed, 10 May 2034 13:31:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ptEWWGehSupPvM&Version=11&Q_InterceptID=SI_3K1w6HrMl6Ysvhs&Q_ORIGIN=https://icbc.com&Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDTIER=lIjhYuMl2g&Q_ARCACHEVERSION=21
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d019063d563e8b24b766a55f3b9916e3f3b439d709ead92b0e3aa642a56633fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

servershortname
date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
604757
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 06 May 2024 18:34:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8834bceb19481e66-FRA
expires
Thu, 04 May 2034 18:34:20 GMT
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ptEWWGehSupPvM&Q_SIID=SI_3K1w6HrMl6Ysvhs&Q_ASID=AS_90753899&Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&r=1715625217849
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=icbc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 13 May 2024 18:33:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://icbc.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
b5de78f4f90506eb
cf-ray
8834bceb9a0b1e66-FRA
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 		245 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://icbc.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

servershortname
date
Mon, 13 May 2024 18:33:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
1619940
cf-polished
origSize=757
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length
245
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Wed, 27 Mar 2024 20:32:01 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
db91eba123d4deff
accept-ranges
bytes
cf-ray
8834bceb9e305d5f-FRA
expires
Sun, 23 Apr 2034 00:34:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7WC0SG7DZD&cid=1256787702.1715625217&gtm=45je4580v883979682z89122642718za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=813080305

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunk_N_E undefined| _N_E object| next object| __next_f object| dataLayer object| google_tag_manager object| google_tag_data function| snaptr function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| _scPxHelper object| _scPxTeller object| QSI object| WAFQualtricsWebpackJsonP-cloud-2.6.0 object| _qsie

9 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: c2d9fee9ffee40beb17fb874dab0d72a
icbc.com/ Name: NEXT_LOCALE
Value: en
.icbc.com/ Name: _ga
Value: GA1.1.1256787702.1715625217
.icbc.com/ Name: _scid
Value: 448bb2a0-6678-4c1d-88b5-affc8cdfec07
.icbc.com/ Name: _scid_r
Value: 448bb2a0-6678-4c1d-88b5-affc8cdfec07
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AMAQEwIkkqKcdhzamMHzv3jY+DSOOVLJgUNVKyuxr561yYEZC4AqVGP4oUBg3MgAAAA==
.icbc.com/ Name: _fbp
Value: fb.1.1715625217196.485368900
.icbc.com/ Name: _ga_7WC0SG7DZD
Value: GS1.1.1715625217.1.0.1715625217.60.0.0
icbc.com/ Name: QSI_HistorySession
Value: https%3A%2F%2Ficbc.com%2F~1715625217644

6 Console Messages

Source Level URL
Text
security error URL: https://icbc.com/
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7WC0SG7DZD&cid=1256787702.1715625217&gtm=45je4580v883979682z89122642718za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=813080305' because it violates the following Content Security Policy directive: "img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'".
other warning URL: https://icbc.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/689585411898611?v=2.9.156&r=stable&domain=icbc.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://icbc.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://icbc.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://icbc.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src data: images.ctfassets.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com www.googletagmanager.com www.google.ca i.ytimg.com *.qualtrics.com www.facebook.com tr.snapchat.com data: 'self'; child-src www.googletagmanager.com 'self'; font-src use.typekit.net https://fonts.gstatic.com 'self'; form-action https://www.icbcsurveys.com 'self'; frame-src www.googletagmanager.com *.google.com bid.g.doubleclick.net td.doubleclick.net https://www.icbcsurveys.com *.snapchat.com open.spotify.com www.youtube.com e.issuu.com issuu.com 'self'; media-src 'self'; style-src *.typekit.net 'self' 'unsafe-inline' www.googletagmanager.com https://fonts.googleapis.com; script-src https://apps.icbc.com www.googletagmanager.com googleads.g.doubleclick.net www.googleadservices.com *.google.com www.googleoptimize.com https://*.gstatic.com https://*.googleapis.com www.google-analytics.com https://*.ggpht.com *.googleusercontent.com www.youtube.com form.simplesurvey.com *.qualtrics.com connect.facebook.net sc-static.net *.snapchat.com blob: 'self' 'unsafe-inline' 'unsafe-eval'; connect-src undefined https://apps.icbc.com https://*.googleapis.com https://www.google-analytics.com *.google.com https://*.gstatic.com google.ca *.google.ca *.googlesyndication.com https://stats.g.doubleclick.net *.qualtrics.com *.snapchat.com data: blob: 'self'; worker-src blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
icbc.com
images.ctfassets.net
p.typekit.net
region1.analytics.google.com
sc-static.net
siteintercept.qualtrics.com
stats.g.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
use.typekit.net
www.facebook.com
www.google.de
www.googletagmanager.com
zn1smtssdoz1qleha-icbc.siteintercept.qualtrics.com
www.google.de
104.17.208.240
104.17.209.240
108.138.40.243
157.240.253.1
2001:4860:4802:32::36
2600:9000:26db:e200:12:94b3:c380:93a1
2606:4700::6812:1650
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:1484
2a02:26f0:3500:16::215:1495
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
35.190.43.134
02690e890c863fdffae6d035ce65bd1212c55d72a95a9d65efcf07f30299264d
042756f370bab8fd1f3a0747a9df91d6e687d30363110e5514d31189fc54c0a4
0b077759b7877528e67c1e40e5a8b3042cc089bfddc2217d3a94d51fdb24bf7d
0ec682605bd482308224ccbf524ed9ccb4ec100d85b023db8c64e53eaaa35601
0fa574b573159791bd49520a895fd96bc1e139d0f31cd3a155122b3f8d582a4e
13ec3e2c6c14684cb12d52f1451404e6b1d8444cd8ba67cc0ba71de17de8b3fe
16dcc203507c8177673666f52a2641f1662d41dac5c232ac6dbaa90816fca9fd
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f8d63a58f6d4cc3c0efa1adbf8a10b3d95f7cd333dcf01753c70b06bd79676c
2a670842261a3539487f036f68c4f5b259ce572aa22c57eddb9f5db5686badd2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
324a9077e9d0f579f57b59d383ba36843d92a121ea61bbe7c74769af13bf13f4
3e4b2ee1e8e7f1a3317572158145927de36c1e559eb8b722758f16cd2e66f7a7
402dbbaa73c4e85e4315cae01b2097feb15d45dcd5da0ace1282ee81a3a16fc9
438e9f784a259d24ff5ee6e3d4f54d7c4a9a3fdcc30e5f799d0a59fb52613734
50afd7339018fd9308d527fa6fdb3dd3bf13e7f4ace450ac23d17a4d849c75b6
590bfe60f3d3c20ca94a25d3095df6fd84312aef23970cdf2406601aded61803
5ef6d7000762e103c3a5d0451a96a8175675226cb598799db8a74738e704ad21
6015774dbe2a4cf42adaa11b70bc6d4b1f7ca48d85d65bec5b4103c830d7204a
6046e308e739d62823757333e7fd4b324e97cbc0376a8ad5ef3f6512baee1b74
6629ce1123fe7b367448af7d50d3dd4617249c41cecb7ff45f4b887b92a22bf0
6ed2760917e5c67a0cd3efa8beae7f1de4bb458bbae99cd8798a48858b24e844
6ed6c0d10a1e3acfaadc42a1803145bed34bb4afb8d23b3097e43dc8d1e2ed87
73a62a88055d3a50685aefd8efa486769cbf8061fb4ae2ef33fc1b376de45331
7ae37b1eeac77036be39d5a8bd64a0bbe7dae76a1904980fcefd31a68fb256be
7df9b718ba46abfa55c7d4c4b5740d8cf51b1610759a7c927f8af57f01ca4569
7fa7ff461f24ba9eed0c062c7d2276c2ff4cfcaba9019c50a090b2d90fc96aab
80d515b59ca9d7c3a4562c45a331fc4ad0cae24967545218cb7c584356843b1d
88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b
8afc7141d633fbf7ded8bc98404edecf8d2deca9a76acf246881a45d3244f97d
8b99d6c3d7225971e351d349a3170361a9ea0a3319582e15faaca5d859e36588
932fc150fc9e41ab3b06d8be16fe8fab24c95640343ba9640420c2dcbe84f2d4
97a76a7f6a7b7921e574bc2303b94fdfcf7f4519be7caf9a8b244e5ab1e63a19
9884094c543c5cdf02872121ac35bd20cbb3ed7fa976c633bdc22612b0285d8b
9b1af4a6916bf56174213b49d78ade9d18678945a1e4184875074bbe38829d8e
9c8755ee5d44fbbad8e111632db780de370c2be2dce36a558d5aa060d534f5bf
9d062edd37fd4fe2135a3e4c1e8cf9cbda5ce0c1d7a868a152999f5fa6daa249
a0367f9a90ca0dee100260c2b3492a17c56ea8cbc60e2e5024f4cc69f1b668d5
a219a0e7e4f8bef6a73b50795121a4454a656ea323e42d15fabf2e017b033652
a2d4af62678a9fc259be8bddf1ca8a91a067568626045c28de6c363a5c727680
aa7c7c187db8069f2d7e0bdeddad26189c3133701511112ad9802f9f27026cd2
aefe18be7468a75b8554114970710a06f4bd9657236e1ebf7769e71a943e2817
b1181a71db88bd63d71a3bb89d102545774584186f1b45ecfc5df2541d72e131
b3a0d1533e51d405b8038338aa45ed272d8f7167747325854cd11683c87c07e1
b69be10a47896150abc611abd03942a770c4a0a8f0e7614dd06ced1012de1906
bacc644ebf5d5733a53213104627199cd0475a9005e0070f3ebe7f4190569395
bdc34bc59b84144c04d67a4a2fcd9381f7935ec65b20c93c2f27d23fa5b096de
c176163d632c0d53b3ef7bb39be29225698dc5432b447236c0a3a344af2f1a1c
c668bfdfc27d10a51009a5afce85d22136a7b97363e2721fc1cbe735135d9504
c75770844abf01f6b0786b4c1ff673280aec1020264b1ffa6c3659e3b73bcf20
ca77c473a35cf497d460d1703caf9f3f495360a95b2a0485a96aba7c8fa5a282
cd952120f2df7bd15ccf4114a02888d39640daa9296a2126d6db34ab0727b20b
cfdbd2a216c56339816d130598dcc64cd259d14a4be90626ac66d16843dc3b6b
d019063d563e8b24b766a55f3b9916e3f3b439d709ead92b0e3aa642a56633fb
d13c643ced5ff098830096e4076364eada5583f535a8e40b31df4456ef62d2f8
d33ab27a0d762dd77f0cddbf1c173910a2babad8e246960f296d1c142e10390a
d930532cc1526d1e49ed0752e23047abffc70dfcd530475e39d3b705a8daf2bb
dca4f60a6a5a847e7428b93faa8d0e6f3889db8f56893ff43691f55032edb067
dd56d04acd3a3d46766bc068070e0f4989b831d2aab849d22f8cd2f7eadb8997
e0ae990175769f33a8944eceeb9743f4ec5267be2fd439458f2db9d25f59550f
e354aa840d7dda3982f8812a5c844d8791bee18d36c83dcac7a5c5e9dfd6315a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6710925f633f07b29e326ecb41621f0f23aeb6120bc90c220e25164af4c5ac3
e73da9a9f9e5aced66cf9abf9d6a1a11f42ad48965dd08f40eb0076bcdec3750
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ea50c4802f0333883410e7a6115a5c22ab2e5395efb1404215a3bd126a6efbde
eb354b0b71a6855e7348208a2981cb2012f0351ca75184db48db620d603d65e7
f06039dad4831b50960fd0e3a7ad7b70678ecd565274488f20eb267963d399bc
f3394cfc35c1165584b374e3afecb3c29823c73eb17042ac60b0cfe0aa546a30
f42236b924b38c1ebf7f4d1dd4dee7dfaed4ae3f7333e035a382c539b7a38700
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f75438c28800111b1bce9d5537cd7261537b0e3a2f5ec01a1fccffe1acf24c00
f7700d5cbe9540a521d1f2d276e767026149ddd2ad2b38e016204778a15c39cc
fa44fa4856bb6e9cc841f113c6d8d13e6f56b337b70d7485b64ee2d26e764706
fa5ee7fc87fd90f5435b21faecd1f3d701e3d2583234ce7f9e9ee85a59d75448
fb19499b62f8820f08c8754a6d3448f235256da35db81937c58c204fbb28ccb2
fbe7f912a9cab6a32b5228e9085c7c00610cc171a7f89cef90a7c3ee84427f70