apply.nbc-insurance.ca
35.201.111.121
Public Scan
Submission Tags: @phishunt_io
Submission: On August 28 via api from ES
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 25th 2020. Valid for: 3 months.
This is the only time apply.nbc-insurance.ca was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain |
---|---|---|
ASN15169 (GOOGLE, US) | 121.111.201.35.bc.googleusercontent.com | apply.nbc-insurance.ca |
ASN16509 (AMAZON-02, US) | server-143-204-103-120.fra50.r.cloudfront.net | cdn.auth0.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN16509 (AMAZON-02, US) | ec2-52-30-191-169.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN16509 (AMAZON-02, US) | ec2-15-236-9-100.eu-west-3.compute.amazonaws.com | nationalbankofcanada.d2.sc.omtrdc.net |
ASN16509 (AMAZON-02, US) | server-13-226-145-149.dus51.r.cloudfront.net | cdn.segment.com |
ASN16509 (AMAZON-02, US) | ec2-63-32-152-233.eu-west-1.compute.amazonaws.com | nationalbankofcanada.demdex.net |
ASN16509 (AMAZON-02, US) | ec2-34-254-167-184.eu-west-1.compute.amazonaws.com | nationalbankofcanada.tt.omtrdc.net |
ASN15169 (GOOGLE, US) | fra16s13-in-f6.1e100.net | 5357220.fls.doubleclick.net |
ASN15169 (GOOGLE, US) | 137.102.96.34.bc.googleusercontent.com | dev.visualwebsiteoptimizer.com |
ASN16509 (AMAZON-02, US) | ec2-54-213-0-126.us-west-2.compute.amazonaws.com | api.segment.io |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN16509 (AMAZON-02, US) | server-13-226-156-178.dus51.r.cloudfront.net | cdn.amplitude.com |
ASN15169 (GOOGLE, US) | | www.googleadservices.com, googleads.g.doubleclick.net, cm.g.doubleclick.net |
ASN16625 (AKAMAI-AS, US) | a92-122-252-179.deploy.static.akamaitechnologies.com | s.adroll.com |
ASN15169 (GOOGLE, US) | fra15s22-in-f6.1e100.net | 8392723.fls.doubleclick.net |
ASN15169 (GOOGLE, US) | 51.241.186.35.bc.googleusercontent.com | api-js.mixpanel.com |
ASN16509 (AMAZON-02, US) | ec2-63-32-63-32.eu-west-1.compute.amazonaws.com | d.adroll.mgr.consensu.org, d.adroll.com |
ASN16509 (AMAZON-02, US) | ec2-54-201-177-56.us-west-2.compute.amazonaws.com | api.amplitude.com |
ASN16509 (AMAZON-02, US) | ec2-15-188-154-177.eu-west-3.compute.amazonaws.com | ingcanada.112.2o7.net |
Requests | Domain | Requested by |
---|---|---|
14 | apply.nbc-insurance.ca | apply.nbc-insurance.ca |
11 | assets.adobedtm.com | apply.nbc-insurance.ca, assets.adobedtm.com |
10 | d.adroll.com | 6 redirects; apply.nbc-insurance.ca |
5 | s.adroll.com | 1 redirects; cdn.segment.com, apply.nbc-insurance.ca, s.adroll.com |
4 | www.google.de | apply.nbc-insurance.ca |
4 | www.google.com | 2 redirects; apply.nbc-insurance.ca |
4 | www.google-analytics.com | 1 redirects; assets.adobedtm.com, www.google-analytics.com, apply.nbc-insurance.ca |
4 | maps.googleapis.com | apply.nbc-insurance.ca, maps.googleapis.com |
3 | www.facebook.com | apply.nbc-insurance.ca |
3 | googleads.g.doubleclick.net | 1 redirects; www.googleadservices.com |
3 | connect.facebook.net | assets.adobedtm.com, connect.facebook.net |
3 | www.googletagmanager.com | apply.nbc-insurance.ca, assets.adobedtm.com, www.googletagmanager.com |
2 | us-u.openx.net | 1 redirects; apply.nbc-insurance.ca |
2 | ib.adnxs.com | 1 redirects; apply.nbc-insurance.ca |
2 | x.bidswitch.net | 1 redirects; apply.nbc-insurance.ca |
2 | ingcanada.112.2o7.net | 1 redirects; apply.nbc-insurance.ca |
2 | api-js.mixpanel.com | apply.nbc-insurance.ca |
2 | px.ads.linkedin.com | 1 redirects; apply.nbc-insurance.ca |
2 | script.crazyegg.com | apply.nbc-insurance.ca, script.crazyegg.com |
2 | 8392723.fls.doubleclick.net | 1 redirects; www.googletagmanager.com |
2 | bat.bing.com | cdn.segment.com, apply.nbc-insurance.ca |
2 | www.googleadservices.com | cdn.segment.com, www.googleadservices.com |
2 | dev.visualwebsiteoptimizer.com | cdn.segment.com, apply.nbc-insurance.ca |
2 | 5357220.fls.doubleclick.net | 1 redirects; assets.adobedtm.com |
2 | nationalbankofcanada.d2.sc.omtrdc.net | assets.adobedtm.com |
2 | dpm.demdex.net | assets.adobedtm.com, apply.nbc-insurance.ca |
1 | cm.g.doubleclick.net | 1 redirects |
1 | ads.yahoo.com | 1 redirects |
1 | api.amplitude.com | apply.nbc-insurance.ca |
1 | d.adroll.mgr.consensu.org | 1 redirects |
1 | www.linkedin.com | 1 redirects |
1 | snap.licdn.com | cdn.segment.com |
1 | cdn.amplitude.com | cdn.segment.com |
1 | cdn.mxpnl.com | cdn.segment.com |
1 | stats.g.doubleclick.net | 1 redirects |
1 | api.segment.io | apply.nbc-insurance.ca |
1 | nationalbankofcanada.tt.omtrdc.net | apply.nbc-insurance.ca |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | nationalbankofcanada.demdex.net | assets.adobedtm.com |
1 | cdn.segment.com | apply.nbc-insurance.ca |
1 | fonts.googleapis.com | apply.nbc-insurance.ca |
1 | cm.everesttech.net | 1 redirects |
1 | cdn.auth0.com | apply.nbc-insurance.ca |
89 | 43 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nbc-insurance.ca |
Subject | Issuer | Validity | Valid |
---|---|---|---|
bnc.prod.direct.getbreathe.life | Let's Encrypt Authority X3 | 2020-08-25 - 2020-11-23 | 3 months |
upload.video.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.auth0.com | Amazon | 2020-05-23 - 2021-06-23 | a year |
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-10-22 - 2021-10-01 | 2 years |
*.google-analytics.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
*.d2.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2020-02-28 - 2022-03-04 | 2 years |
*.segment.com | DigiCert SHA2 Secure Server CA | 2020-06-12 - 2021-07-27 | a year |
*.gstatic.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.tt.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2017-10-19 - 2020-11-25 | 3 years |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-07-21 - 2020-10-12 | 3 months |
*.doubleclick.net | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2020-06-19 - 2022-07-06 | 2 years |
*.google.de | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.mxpnl.com | RapidSSL RSA CA 2018 | 2019-07-29 - 2021-07-28 | 2 years |
cdn.amplitude.com | Amazon | 2019-12-16 - 2021-01-16 | a year |
*.googleadservices.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.adroll.com | DigiCert SHA2 Secure Server CA | 2020-01-29 - 2021-04-29 | a year |
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years |
www.bing.com | Microsoft IT TLS CA 2 | 2019-04-30 - 2021-04-30 | 2 years |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-06-09 - 2021-06-09 | a year |
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-08-05 - 2021-02-05 | 6 months |
*.mixpanel.com | GeoTrust RSA CA 2018 | 2020-04-20 - 2022-04-21 | 2 years |
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
adroll.mgr.consensu.org | Amazon | 2019-11-06 - 2020-12-06 | a year |
*.amplitude.com | COMODO RSA Domain Validation Secure Server CA | 2020-02-18 - 2022-02-13 | 2 years |
*.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.112.2o7.net | DigiCert SHA2 High Assurance Server CA | 2019-04-23 - 2021-04-27 | 2 years |
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2020-04-23 - 2022-05-04 | 2 years |
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years |
*.openx.net | GeoTrust RSA CA 2018 | 2020-06-18 - 2021-08-17 | a year |
This page contains 5 frames:
Primary Page:
https://apply.nbc-insurance.ca/
Frame ID: D092BFD2967B7CD9F010F7AACA4644EF
Requests: 92 HTTP requests in this frame
Frame:
https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-58f7c0ca64746d6b6b0031b4.html
Frame ID: C1A5E4024F1CD08F6CA1EE7CCB1F3B58
Requests: 1 HTTP requests in this frame
Frame:
https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=0
Frame ID: 3F660F070B92A3AF0EA31A059632BF0A
Requests: 1 HTTP requests in this frame
Frame:
https://5357220.fls.doubleclick.net/activityi;dc_pre=CPuKyoHjvesCFUzauwgdC2kDCA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=85039221674099351231794605523542816182;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insurance:landing-page;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: 99F43B6CC8F325313981A94FA9AC87B5
Requests: 1 HTTP requests in this frame
Frame:
https://8392723.fls.doubleclick.net/activityi;dc_pre=CIeB0IHjvesCFenluwgdt0QOBg;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]
Frame ID: 3D25CB02E84AE1DAE63619A2A779A231
Requests: 1 HTTP requests in this frame
Detected technologies
Google Cloud (CDN)
Detected patterns
- headers via /^1\.1 google$/i
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Legal Note
Title: Privacy Policy
Title: Terms of Use
Title: Your opinion is important
Title: Security
Title: Cookies
Title: Legal Conditions of our promotions
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15
- https://cm.everesttech.net/cm/dd?d_uuid=92145390337993141671225865849440009298 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=X0jnnQAABtLfjhTJ
- https://5357220.fls.doubleclick.net/activityi;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=85039221674099351231794605523542816182;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insurance:landing-page;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
- https://5357220.fls.doubleclick.net/activityi;dc_pre=CPuKyoHjvesCFUzauwgdC2kDCA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=85039221674099351231794605523542816182;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insurance:landing-page;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1630330569&t=pageview&_s=1&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEAjB~&jid=810952604&gjid=1059182044&cid=533992833.1598613406&tid=UA-2595397-1&_gid=469617084.1598613406&_r=1&z=216618045 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2595397-1&cid=533992833.1598613406&jid=810952604&_gid=469617084.1598613406&gjid=1059182044&_v=j83&z=216618045 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2595397-1&cid=533992833.1598613406&jid=810952604&_v=j83&z=216618045 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2595397-1&cid=533992833.1598613406&jid=810952604&_v=j83&z=216618045&slf_rd=1&random=731884598
- https://8392723.fls.doubleclick.net/activityi;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID] HTTP 302
- https://8392723.fls.doubleclick.net/activityi;dc_pre=CIeB0IHjvesCFenluwgdt0QOBg;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=226409&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&time=1598613406048 HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D226409%26url%3Dhttps%253A%252F%252Fapply.nbc-insurance.ca%252F%26time%3D1598613406048%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=226409&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&time=1598613406048&liSync=true
- https://s.adroll.com/j/exp/EX76L7I6JVDGRDLV4P2AMG/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://d.adroll.mgr.consensu.org/consent/iabcheck/EX76L7I6JVDGRDLV4P2AMG?_s=12b3e71d5e1b9f66167dedf914ba22f5&_b=2 HTTP 302
- https://d.adroll.com/consent/check/EX76L7I6JVDGRDLV4P2AMG/?_s=12b3e71d5e1b9f66167dedf914ba22f5&_b=2
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819651208/?random=1346799496&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://apply.nbc-insurance.ca/&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=nudIX9W1Bo6K7_UP1cOluAk&sscte=1&crd= HTTP 302
- https://www.google.com/pagead/1p-conversion/819651208/?random=1346799496&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://apply.nbc-insurance.ca/&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nudIX9W1Bo6K7_UP1cOluAk&cid=CAQSKQCNIrLMDTnUYtzDxjnNbxhTq4LtnerNbRxN_Irw78vxvBgPbAmad6rD&random=1587028308&resp=GooglemKTybQhCsO HTTP 302
- https://www.google.de/pagead/1p-conversion/819651208/?random=1346799496&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://apply.nbc-insurance.ca/&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nudIX9W1Bo6K7_UP1cOluAk&cid=CAQSKQCNIrLMDTnUYtzDxjnNbxhTq4LtnerNbRxN_Irw78vxvBgPbAmad6rD&random=1587028308&resp=GooglemKTybQhCsO&ipr=y
- https://d.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL?adroll_fpc=998d9269c597863754275a808f34b21a-1598613406281&arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&pv=1946099553.0410364&cookie=&adroll_s_ref=&keyw= HTTP 302
- https://s.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/NFXO64YS4VGX7ISTODZOX2.js
- https://ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/s98060000542568?AQB=1&ndh=1&pf=1&t=28%2F7%2F2020%2013%3A16%3A46%205%20-120&fid=3F3A54A10E05C32F-073DC2E326B8605C&ce=UTF-8&ns=ingcanada&cdp=2&pageName=nb%3A&g=https%3A%2F%2Fapply.nbc-insurance.ca%2F&cc=CAD&server=apply.nbc-insurance.ca&events=event7&h1=D%3DpageName&c7=no%20province%20specified&v7=D%3Dc7&c8=friday-7%3A16am&v8=D%3Dc8&v9=D%3Dc13&c13=no%20language%20specified&c31=new%7Cfirst%20visit%7C1&c34=anonymous%7Canonymous&c39=D%3Dg&c40=D%3DpageName%2B%22%28%22%2Bc13%2B%22%29%22&v40=D%3Dg&c41=D%3DpageName%2B%22%28%22%2Bc7%2B%22%29%22&v41=D%3Dc31&v44=D%3Dc34&c50=ATM%2F_bda%5B2.25%3AND%3A2015-05-05%5D%2Fmap%5B1.7%3AWY%3A2017-02-21%5D&v50=D%3DpageName&v51=D%3DpageName&v55=D%3Dc55&v61=typed%2Fbookmarked&v63=typed%2Fbookmarked&v65=D%3Dv64&v67=typed%2Fbookmarked&v68=D%3Dv67&v69=typed%2Fbookmarked&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/s98060000542568?AQB=1&pccr=true&vidn=2FA473CF0515BD79-4000074F18C37163&ndh=1&pf=1&t=28%2F7%2F2020%2013%3A16%3A46%205%20-120&fid=3F3A54A10E05C32F-073DC2E326B8605C&ce=UTF-8&ns=ingcanada&cdp=2&pageName=nb%3A&g=https%3A%2F%2Fapply.nbc-insurance.ca%2F&cc=CAD&server=apply.nbc-insurance.ca&events=event7&h1=D%3DpageName&c7=no%20province%20specified&v7=D%3Dc7&c8=friday-7%3A16am&v8=D%3Dc8&v9=D%3Dc13&c13=no%20language%20specified&c31=new%7Cfirst%20visit%7C1&c34=anonymous%7Canonymous&c39=D%3Dg&c40=D%3DpageName%2B%22%28%22%2Bc13%2B%22%29%22&v40=D%3Dg&c41=D%3DpageName%2B%22%28%22%2Bc7%2B%22%29%22&v41=D%3Dc31&v44=D%3Dc34&c50=ATM%2F_bda%5B2.25%3AND%3A2015-05-05%5D%2Fmap%5B1.7%3AWY%3A2017-02-21%5D&v50=D%3DpageName&v51=D%3DpageName&v55=D%3Dc55&v61=typed%2Fbookmarked&v63=typed%2Fbookmarked&v65=D%3Dv64&v67=typed%2Fbookmarked&v68=D%3Dv67&v69=typed%2Fbookmarked&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
- https://d.adroll.com/cm/r/out?adroll_fpc=998d9269c597863754275a808f34b21a-1598613406281&arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
- https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
- https://d.adroll.com/cm/b/out?adroll_fpc=998d9269c597863754275a808f34b21a-1598613406281&arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=NjIxYWNmNGJiNmQzMmY4MGViZjcwOTlmZWEwZjQyMjA HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjIxYWNmNGJiNmQzMmY4MGViZjcwOTlmZWEwZjQyMjA
- https://d.adroll.com/cm/x/out?adroll_fpc=998d9269c597863754275a808f34b21a-1598613406281&arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=NjIxYWNmNGJiNmQzMmY4MGViZjcwOTlmZWEwZjQyMjA HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjIxYWNmNGJiNmQzMmY4MGViZjcwOTlmZWEwZjQyMjA
- https://d.adroll.com/cm/o/out?adroll_fpc=998d9269c597863754275a808f34b21a-1598613406281&arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=621acf4bb6d32f80ebf7099fea0f4220 HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=621acf4bb6d32f80ebf7099fea0f4220
- https://d.adroll.com/cm/g/out?adroll_fpc=998d9269c597863754275a808f34b21a-1598613406281&arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG&google_nid=adroll5 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=YhrPS7bTL4Dr9wmf6g9CIA HTTP 302
- https://d.adroll.com/cm/g/in
89 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
apply.nbc-insurance.ca/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
apply.nbc-insurance.ca/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
127 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auth0.min.js
cdn.auth0.com/js/auth0/9.6.1/ |
110 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ |
147 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.461cb393.chunk.css
apply.nbc-insurance.ca/static/css/ |
569 KB 98 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.8d810515.chunk.css
apply.nbc-insurance.ca/static/css/ |
33 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.e27a8fe4.chunk.js
apply.nbc-insurance.ca/static/js/ |
3 MB 782 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6c970c91.chunk.js
apply.nbc-insurance.ca/static/js/ |
928 KB 254 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
65 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mbox-contents-6fc75f117925574cc1441b1f0b00cce81c10924e.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ |
108 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5670672064746d5bd30011d4.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5cc0c85f64746d47f1000450.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
50 B 338 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
nationalbankofcanada.d2.sc.omtrdc.net/ |
2 B 323 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=X0jnnQAABtLfjhTJ
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 632 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/pQBvzP5jquzXPzh2OlVbEmNGRtNKSlEm/ |
419 KB 84 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-58f7c0ca64746d6b6b0031b4.html
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ Frame C1A5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5a72127364746d11b9000059.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
511 B 644 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5a8c5e3f64746d1db00030d5.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
satellite-5ddedd5764746d6b9600aad8.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
100 B 377 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-code-contents-39790b10fad536a5c349627f2f41dc67e22759ac.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ |
208 KB 55 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-code-contents-52841e203e41014e54e2bc77566c405e9d87d237.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/ |
76 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
nationalbankofcanada.demdex.net/ Frame 3F66 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-company-logo_en.505a84c3.png
apply.nbc-insurance.ca/static/media/ |
61 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
headphones-customer-support.3105ab31.svg
apply.nbc-insurance.ca/static/media/ |
949 B 555 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow-right.6045641f.svg
apply.nbc-insurance.ca/static/media/ |
1 KB 667 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
911 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow.1e44e570.svg
apply.nbc-insurance.ca/static/media/ |
388 B 355 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
famille-heros.76d4d5d5.jpg
apply.nbc-insurance.ca/static/media/ |
167 KB 167 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
902 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-background-desktop.4abdfd74.jpg
apply.nbc-insurance.ca/static/media/ |
202 KB 203 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Korolev-Bold.f4e70f52.woff2
apply.nbc-insurance.ca/static/media/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 1 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Korolev-Medium.7908c08c.woff2
apply.nbc-insurance.ca/static/media/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
nationalbankofcanada.tt.omtrdc.net/m2/nationalbankofcanada/mbox/ |
788 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
134 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
activityi;dc_pre=CPuKyoHjvesCFUzauwgdC2kDCA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=85039221674099351231794605523542816182;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u...
5357220.fls.doubleclick.net/ Frame 99F4 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 146 B |
XHR
application/json |
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
89 KB 35 KB |
Script
application/javascript |
GET H3-Q050 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 887 B |
Script
text/javascript |
GET H3-Q050 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 491 B |
Image
image/gif |
GET H2 |
s97257175031835
nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbcabnaproduction/10/JS-2.6.0-D7QN/ |
5 KB 5 KB |
Script
application/x-javascript |
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
79 KB 27 KB |
Script
text/javascript |
GET H2 |
amplitude-5.2.2-min.gz.js
cdn.amplitude.com/libs/ |
54 KB 18 KB |
Script
application/javascript |
GET H3-Q050 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 12 KB |
Script
text/javascript |
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
38 KB 12 KB |
Script
text/javascript |
GET H/1.1 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
3 KB 2 KB |
Script
application/x-javascript |
GET H2 |
bat.js
bat.bing.com/ |
26 KB 8 KB |
Script
application/javascript |
GET H3-Q050 |
activityi;dc_pre=CIeB0IHjvesCFenluwgdt0QOBg;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]
8392723.fls.doubleclick.net/ Frame 3D25 Redirect Chain
|
0 0 |
Document
text/html |
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 109 B |
Image
image/gif |
GET H2 |
315469978858251
connect.facebook.net/signals/config/ |
151 KB 38 KB |
Script
application/x-javascript |
GET H2 |
0890.js
script.crazyegg.com/pages/scripts/0057/ |
23 KB 3 KB |
Script
text/javascript |
GET H3-Q050 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 301 B |
Image
image/gif |
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 40 B |
Image
application/javascript |
GET H2 |
/
api-js.mixpanel.com/decide/ |
65 B 140 B |
XHR
application/json |
POST H2 |
/
api-js.mixpanel.com/track/ |
1 B 325 B |
XHR
application/json |
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
89 KB 35 KB |
Script
application/javascript |
GET H3-Q050 |
/
www.googleadservices.com/pagead/conversion/819651208/ |
2 KB 1 KB |
Script
text/javascript |
GET H3-Q050 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/819651208/ |
2 KB 1 KB |
Script
text/javascript |
GET H2 |
0
bat.bing.com/action/ |
0 149 B |
Image
text/plain |
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 747 B |
Script
application/javascript |
GET H/1.1 |
index.js
s.adroll.com/j/pre/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/ |
0 773 B |
Script
text/javascript |
GET H2 |
/
d.adroll.com/consent/check/EX76L7I6JVDGRDLV4P2AMG/ Redirect Chain
|
392 B 859 B |
Script
application/javascript |
GET H2 |
11.1.68.js
script.crazyegg.com/pages/versioned/common-scripts/ |
70 KB 23 KB |
Script
text/javascript |
POST H2 |
/
api.amplitude.com/ |
7 B 167 B |
XHR
text/html |
GET H3-Q050 |
/
www.google.de/pagead/1p-conversion/819651208/ Redirect Chain
|
42 B 65 B |
Image
image/gif |
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/819651208/ |
42 B 122 B |
Image
image/gif |
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/819651208/ |
42 B 111 B |
Image
image/gif |
GET H3-Q050 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/870131889/ |
2 KB 1 KB |
Script
text/javascript |
GET H2 |
/
www.facebook.com/tr/ |
44 B 146 B |
Image
image/gif |
GET H3-Q050 |
/
www.google.com/pagead/1p-user-list/870131889/ |
42 B 65 B |
Image
image/gif |
GET H3-Q050 |
/
www.google.de/pagead/1p-user-list/870131889/ |
42 B 65 B |
Image
image/gif |
GET H/1.1 |
NFXO64YS4VGX7ISTODZOX2.js
s.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/ Redirect Chain
|
3 KB 2 KB |
Script
text/javascript |
GET H2 |
s98060000542568
ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/ Redirect Chain
|
43 B 338 B |
Image
image/gif |
GET H2 |
163945267582337
connect.facebook.net/signals/config/ |
524 KB 132 KB |
Script
application/x-javascript |
GET H2 |
in
d.adroll.com/cm/r/ Redirect Chain
|
42 B 519 B |
Image
image/gif |
GET H2 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 410 B |
Image
image/gif |
GET H/1.1 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
GET H2 |
out
d.adroll.com/cm/l/ |
42 B 180 B |
Image
image/gif |
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 180 B |
Image
image/gif |
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 536 B |
Image
image/gif |
GET H2 |
/
www.facebook.com/tr/ |
44 B 146 B |
Image
image/gif |
GET H2 |
/
www.facebook.com/tr/ |
44 B 100 B |
Image
image/gif |
GET H2 |
satellite-566999dd64746d571e005567.js
assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ |
3 KB 2 KB |
Script
application/x-javascript |
GET H2 |
common.js
maps.googleapis.com/maps-api-v3/api/js/42/2/ |
78 KB 29 KB |
Script
text/javascript |
GET H2 |
util.js
maps.googleapis.com/maps-api-v3/api/js/42/2/ |
145 KB 53 KB |
Script
text/javascript |
GET H3-Q050 |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 447 B |
Script
text/javascript |
135 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| breatheLifeConfig object| auth0 object| dataLayer function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| adobe object| _AT function| mboxCreate function| mboxDefine function| mboxUpdate string| GoogleAnalyticsObject function| ga number| adrum-start-time object| analytics object| webpackJsonpbnc-frontend object| SENTRY_RELEASE function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SENTRY__ function| fbq function| _fbq object| mixpanel object| amplitude string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded string| _linkedin_data_partner_id boolean| f object| d object| _vwo_code number| settings_timer number| _vwo_settings_timer object| _vis_opt_queue object| uetq function| normalize object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq string| day string| trackingCode object| s_i_nbcabnaproduction object| google_tag_manager function| AppMeasurement_Module_Integrate object| _bda function| s_track function| s_trackPageview function| s_trackHelpText function| s_trackLightbox function| s_trackFormErrors function| s_trackDisqualification function| s_trackSaveQuote function| s_trackVehicle function| s_trackButton function| s_trackDriver function| s_quoteRecalculated function| s_trackRaCB function| s_clickRetrieveQuote function| s_clickPasswordSent function| s_trackCall function| s_trackSavingEstimator function| s_trackSocial function| s_startMovie function| s_playMovie function| s_stopMovie function| s_endMovie function| s_TVPV function| s_trackPageView function| 
s_sendBeacon function| s_trackInteraction function| s_optOut undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue function| lintrk boolean| _already_called_lintrk object| cmPixel function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| CE2 object| placeholder object| s function| __bda_ga string| f0 number| p object| s_Integrate_ClickTale string| r function| w string| j function| _bda_trackListener function| _bda_trackExitLink object| elm function| _bda_trackDownloadLink object| CE2BH boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars object| adroll_exp_list object| s_i_intactbnagprod function| mobilecheck object| _xdc_41
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the website to re-identify the user even after a change of location. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: dextp Value: 771-1-1598613405905|1083-1-1598613406007|1085-1-1598613406108|1086-1-1598613406208|1087-1-1598613406309|1088-1-1598613406410|19913-1-1598613406511|30064-1-1598613406612|575-1-1598613406712|73426-1-1598613406813|66757-1-1598613406914|121998-1-1598613407014|144230-1-1598613407115 |
.apply.nbc-insurance.ca/ | Name: __ar_v4 Value: %7CEX76L7I6JVDGRDLV4P2AMG%3A20200827%3A1%7CJ3B2Y3Y6LVGEHJM2VNGBFL%3A20200827%3A1%7CNFXO64YS4VGX7ISTODZOX2%3A20200827%3A1 |
apply.nbc-insurance.ca/ | Name: _sdsat_referrerType Value: default |
.nbc-insurance.ca/ | Name: _fbp Value: fb.1.1598613406198.1283155291 |
.nbc-insurance.ca/ | Name: __bda_ga_gid Value: GA1.2.2060729599.1598613406 |
.nbc-insurance.ca/ | Name: amplitude_idundefinednbc-insurance.ca Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ== |
.nbc-insurance.ca/ | Name: __bda_bdpv Value: 1 |
.demdex.net/ | Name: demdex Value: 92145390337993141671225865849440009298 |
.nbc-insurance.ca/ | Name: __bda_bdcvtc Value: typed/bookmarked |
.nbc-insurance.ca/ | Name: __bda_bdtkcd Value: ch%3Atyped/bookmarked-%7C-tc%3Atyped/bookmarked-%7C-kw%3Aundefined |
.nbc-insurance.ca/ | Name: __bda_bdprev_prevuserid Value: anonymous%7Canonymous |
.nbc-insurance.ca/ | Name: s_fid Value: 3F3A54A10E05C32F-073DC2E326B8605C |
.nbc-insurance.ca/ | Name: __bda_ga Value: GA1.2.533992833.1598613406 |
.nbc-insurance.ca/ | Name: s_vnum Value: 1601205406137%26vn%3D1 |
.nbc-insurance.ca/ | Name: __bda_bdprst_language Value: no%20language%20specified |
.nbc-insurance.ca/ | Name: s_invisit Value: true |
.nbc-insurance.ca/ | Name: s_lv_s Value: First%20Visit |
.nbc-insurance.ca/ | Name: _gat Value: 1 |
.nbc-insurance.ca/ | Name: s_lv Value: 1598613406137 |
.nbc-insurance.ca/ | Name: s_nr Value: 1598613406136 |
.nbc-insurance.ca/ | Name: __bda_bdprev_previouspagename Value: nb%3A |
.nbc-insurance.ca/ | Name: _uetvid Value: 7d26c352284dda31824d7c37154f5679 |
.nbc-insurance.ca/ | Name: mbox Value: session#37c3c41594374559b1a0ba1927e0a87e#1598615267|PC#37c3c41594374559b1a0ba1927e0a87e.37_0#1661858207 |
.apply.nbc-insurance.ca/ | Name: aam_uuid Value: 92145390337993141671225865849440009298 |
.nbc-insurance.ca/ | Name: check Value: true |
.nbc-insurance.ca/ | Name: mp_9823107540d70016d7c179d4d51f065c_mixpanel Value: %7B%22distinct_id%22%3A%20%2217434c8c1673fb-063d3394c77193-1b396256-1d4c00-17434c8c168897%22%2C%22%24device_id%22%3A%20%2217434c8c1673fb-063d3394c77193-1b396256-1d4c00-17434c8c168897%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D |
.nbc-insurance.ca/ | Name: __bda_bdcvch Value: typed/bookmarked |
.nbc-insurance.ca/ | Name: ajs_anonymous_id Value: %2211bf02f2-5a7f-423e-9ef8-2ba4b909061d%22 |
.nbc-insurance.ca/ | Name: _uetsid Value: 1e009a45e3af60d5e58dc418d786589c |
.nbc-insurance.ca/ | Name: _vwo_uuid_v2 Value: D64BB27B4CBFBA42220A7C7A6DB61444E|51e62c2b6d5d220ae8470f297a3b38ad |
.nbc-insurance.ca/ | Name: s_cc Value: true |
.apply.nbc-insurance.ca/ | Name: __adroll_fpc Value: 998d9269c597863754275a808f34b21a-1598613406281 |
.nbc-insurance.ca/ | Name: _gcl_au Value: 1.1.1168994285.1598613406 |
.nbc-insurance.ca/ | Name: _gid Value: GA1.2.469617084.1598613406 |
.nbc-insurance.ca/ | Name: __bda_bdprst_province Value: no%20province%20specified |
.nbc-insurance.ca/ | Name: _ga Value: GA1.2.533992833.1598613406 |
.doubleclick.net/ | Name: IDE Value: AHWqTUl7OytQde9aY-MGKcOXzxivplSnOafD-Qzes-XKMJd23UFvsQX60nrEt_-0 |
.nbc-insurance.ca/ | Name: amplitude_id_688160c71ae64c28f7a0435653decd50nbc-insurance.ca Value: eyJkZXZpY2VJZCI6Ijk3YjEzZDVmLTZiOWUtNDE4Yy05OWYwLTA4ZWQ5OGFjNjE0YlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU5ODYxMzQwNjE3NCwibGFzdEV2ZW50VGltZSI6MTU5ODYxMzQwNjE3NiwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9 |
.nbc-insurance.ca/ | Name: AMCV_1E24776A524450D90A490D44%40AdobeOrg Value: -330454231%7CMCIDTS%7C18503%7CMCMID%7C85039221674099351231794605523542816182%7CMCAAMLH-1599218205%7C6%7CMCAAMB-1599218205%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1598620605s%7CNONE%7CMCSYNCSOP%7C411-18510%7CMCAID%7CNONE%7CvVersion%7C3.1.2 |
.nbc-insurance.ca/ | Name: __bda_bdlib Value: 1 |
.nbc-insurance.ca/ | Name: AMCVS_1E24776A524450D90A490D44%40AdobeOrg Value: 1 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.