apps.nbc-insurance.ca Open in urlscan Pro
199.243.65.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nbc-insurance.app.link/
Effective URL:
https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Submission: On May 14 via manual (May 14th 2021, 1:50:49 am UTC) from CA

Summary HTTP 57 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 17 domains to perform 57 HTTP transactions. The main IP is 199.243.65.82, located in Canada and belongs to INTACT-FINANCIAL-CORPORATION, CA. The main domain is apps.nbc-insurance.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 24th 2021. Valid for: a year.

This is the only time apps.nbc-insurance.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2600:9000:20e... 2600:9000:20eb:f600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 22	199.243.65.82 199.243.65.82	32564 (INTACT-FI...) (INTACT-FINANCIAL-CORPORATION)
8	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.250.160.147 34.250.160.147	16509 (AMAZON-02) (AMAZON-02)
1	185.59.220.197 185.59.220.197	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	34.243.47.58 34.243.47.58	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	52.18.150.20 52.18.150.20	16509 (AMAZON-02) (AMAZON-02)
1 1	54.158.125.140 54.158.125.140	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.77.94 52.217.77.94	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
57	18

2 2600:9000:20eb:f600:19:9934:6a80:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

nbc-insurance.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 199.243.65.82 (Canada) 1 redirects

ASN32564 (INTACT-FINANCIAL-CORPORATION, CA)

apps.nbc-insurance.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.160.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.197 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cl.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.47.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-47-58.eu-west-1.compute.amazonaws.com

intact.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

dntcl.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.150.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com

intactfinancialcorpo.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.125.140 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

www.glancecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.77.94 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

intactglobal.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	nbc-insurance.ca 1 redirects apps.nbc-insurance.ca	1 MB
8	adobedtm.com assets.adobedtm.com	110 KB
4	google.de www.google.de	831 B
4	google.com www.google.com	670 B
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	4 KB
3	googletagmanager.com www.googletagmanager.com	101 KB
3	demdex.net dpm.demdex.net intact.demdex.net	6 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	omtrdc.net intactfinancialcorpo.tt.omtrdc.net	727 B
2	qualaroo.com cl.qualaroo.com dntcl.qualaroo.com	56 KB
2	app.link 2 redirects nbc-insurance.app.link	1 KB
1	2o7.net intactglobal.112.2o7.net	394 B
1	googleadservices.com www.googleadservices.com	14 KB
1	facebook.net connect.facebook.net	24 KB
1	amazonaws.com s3.amazonaws.com	9 KB
1	glancecdn.net 1 redirects www.glancecdn.net	209 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
57	17

	Domain	Requested by
22	apps.nbc-insurance.ca	1 redirects apps.nbc-insurance.ca
8	assets.adobedtm.com	apps.nbc-insurance.ca assets.adobedtm.com
4	www.google.de
4	www.google.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com apps.nbc-insurance.ca
2	intactfinancialcorpo.tt.omtrdc.net	apps.nbc-insurance.ca assets.adobedtm.com
2	dpm.demdex.net	apps.nbc-insurance.ca
2	nbc-insurance.app.link	2 redirects
1	stats.g.doubleclick.net	apps.nbc-insurance.ca
1	intactglobal.112.2o7.net
1	www.googleadservices.com	www.googletagmanager.com
1	connect.facebook.net	apps.nbc-insurance.ca
1	s3.amazonaws.com
1	www.glancecdn.net	1 redirects
1	dntcl.qualaroo.com	cl.qualaroo.com
1	cm.everesttech.net	1 redirects
1	intact.demdex.net	assets.adobedtm.com
1	cl.qualaroo.com	apps.nbc-insurance.ca
57	20

This site contains links to these domains. Also see Links.

Domain
www.nbc-insurance.ca
itunes.apple.com
play.google.com
www.entrust.net

Subject Issuer	Validity	Valid
api.assurances-bnc.ca Entrust Certification Authority - L1K	`2021-03-24` - `2022-03-24`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
cl.qualaroo.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
dntcl.qualaroo.com R3	`2021-04-17` - `2021-07-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.112.2o7.net DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-04-20`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Frame ID: 4BA4F2F7B46FF9B10FCE61E24106C656
Requests: 59 HTTP requests in this frame

Frame: https://intact.demdex.net/dest5.html?d_nsid=0
Frame ID: 08389F3FE1744FF159F16055EBAEEA03
Requests: 1 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 52D70A50ADF0E5DB1E9C13A9FBBF8FC5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nbc-insurance.app.link/ HTTP 307
https://nbc-insurance.app.link/ HTTP 307
https://apps.nbc-insurance.ca/cc/ HTTP 302
https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F Page URL

Page Statistics

57
Requests

100 %
HTTPS

50 %
IPv6

17
Domains

20
Subdomains

18
IPs

6
Countries

1801 kB
Transfer

3586 kB
Size

18
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nbc-insurance.ca/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ca/app/insurance-national-bank/id1427620141?ls=1&mt=8%20&ct=0000-cc-RegistrationFooter

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ca.nbc_insurance&hl=en_CA&referrer=utm_source%3D0000-cc-RegistrationFooter

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile.cfm?domain=apps.nbc-insurance.ca&english=1

Search URL Search Domain Scan URL

URL: https://www.nbc-insurance.ca/on/confidentiality.html?region=ONEN
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.nbc-insurance.ca/on/terms-of-use.html?region=ONEN
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.nbc-insurance.ca/on/security.html?region=ONEN
Title: Online security

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nbc-insurance.app.link/ HTTP 307
https://nbc-insurance.app.link/ HTTP 307
https://apps.nbc-insurance.ca/cc/ HTTP 302
https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://cm.everesttech.net/cm/dd?d_uuid=73033768493864241272363148069949730049 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJ3XZwAAAHBS9ykN

Request Chain 36

https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21243&site=staging HTTP 302
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.10.1M.js

57 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set webseal.do Show response
apps.nbc-insurance.ca/waa/WAA/
Redirect Chain

http://nbc-insurance.app.link/
https://nbc-insurance.app.link/
https://apps.nbc-insurance.ca/cc/
https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F

3 KB
2 KB

122ms
122ms

Document
text/html

199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

a0ad36a64b0a55adcb3679d9730484a487566ee15d7e64b9bdc82b7969fa2dc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Host: apps.nbc-insurance.ca
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
content-type: text/html; charset=UTF-8
date: Fri, 14 May 2021 01:50:30 GMT
etag: "96a-5beac1fef92c0:dtagent101912005180823286hRu"
last-modified: Mon, 29 Mar 2021 12:36:02 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
transfer-encoding: chunked
x-frame-options: SAMEORIGIN
x-ruxit-js-agent: true
cache-control: private
x-oneagent-js-injection: true
isam-session-timeouts: 1800
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtRpid;desc="-1116313358"
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_3_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; Path=/; SameSite=None; Secure; HttpOnly
Content-Encoding: gzip
Vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Fri, 14 May 2021 01:50:30 GMT
location: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: SAMEORIGIN
isam-op: login
cache-control: no-store
isam-session-timeouts: 1800
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains
pragma: no-cache
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked

GET
H/1.1 200
OK ruxitagentjs_ICA27SVfhqrux_10191200518082328.js Show response
apps.nbc-insurance.ca/waa/ 169 KB
169 KB 115ms
114ms Script
text/javascript 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

a8b110bf499abab2b4a4af123aa9432672a1d0b3b65ca06c7d914d841143b56f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; dtCookie=v_4_srv_3_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:31 GMT
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 172831
expires: Sat, 14 May 2022 01:50:31 GMT

GET
H2 200 launch-EN63be08d751e44592b3f3237e8f10cd42.min.js Show response
assets.adobedtm.com/ 313 KB
92 KB 35ms
18ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Requested by: Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: deaf4742c850a9a831baa5065d029ed9885df26651104738d9a3ef0d72e28582

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:31 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 13:16:11 GMT
server: AkamaiNetStorage
etag: "5fc3660531b780bb604df48d7f2f8960:1619529371.206575"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 93888
expires: Fri, 14 May 2021 02:50:31 GMT

GET
H/1.1 200
OK Cookie set main.css
apps.nbc-insurance.ca/waa/ 479 KB
182 KB 119ms
118ms Stylesheet
text/css 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.nbc-insurance.ca/waa/main.css

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

bd5c833ac75a2fe66aa361d66f08f997a20ccdec8f5800d77245963b00af5cba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; dtCookie=v_4_srv_3_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; rxvt=1620958831468|1620957031455; dtPC=-6$357031448_131h1vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:31 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "77b40-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="792427847"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
accept-ranges: bytes

GET
H/1.1 200
OK Cookie set vendors.bundle.js Show response
apps.nbc-insurance.ca/waa/ 851 KB
288 KB 335ms
128ms Script
application/javascript 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.nbc-insurance.ca/waa/vendors.bundle.js

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

fc3bdf08b736cad8676590fe70bed6f3c64efe3964590b4b4805798148b93b95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; dtCookie=v_4_srv_3_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; rxvt=1620958831468|1620957031455; dtPC=-6$357031448_131h1vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:31 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "d4b7e-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="617963567"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes

GET
H/1.1 200
OK Cookie set main.bundle.js Show response
apps.nbc-insurance.ca/waa/ 283 KB
71 KB 430ms
223ms Script
application/javascript 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.nbc-insurance.ca/waa/main.bundle.js

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

702428aaf2b30b0a4886c9252ad364809605bc3ad41fa2c51dd1215b4dc32321

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; dtCookie=v_4_srv_3_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; rxvt=1620958831468|1620957031455; dtPC=-6$357031448_131h1vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:31 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "46b24-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="-1866799041"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
accept-ranges: bytes

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 365 B
1 KB 136ms
34ms XHR
application/json 34.250.160.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8879806A585197B50A495EE9%40AdobeOrg&d_nsid=0&ts=1620957031526

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.160.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

649ea4c52141d660750f9ec0a9293e6c0a1de1ba809c3c76bc450dab73844fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v006-0a365d8bd.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: J5Jb0HnkR44=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://apps.nbc-insurance.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:31 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Fri, 14 May 2021 02:50:31 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:31 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 14 May 2021 02:50:31 GMT

GET
H2 200 g3l.js Show response
cl.qualaroo.com/ki.js/67544/ 231 KB
55 KB 447ms
385ms Script
application/ecmascript 185.59.220.197
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.qualaroo.com/ki.js/67544/g3l.js
Requested by: Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.197 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: BunnyCDN-DE1-487 /
Resource Hash: 0ca33d65af042989144ef1400c863fd5531d22df7deeb4ae4daf033f96abb238

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
cdn-edgestorageid: 487
x-amz-request-id: EV5KD94E4ZYM2RGW
cdn-cachedat: 2021-05-07 17:58:45
cdn-pullzone: 92714
content-length: 55910
x-amz-id-2: /lVRy4swNqiF/wCQypfmE+moiWgD3rCss0dTda576fLAHogC7HNXG0F2PO+qIoMYfoq2S7szkjc=
last-modified: Thu, 06 May 2021 17:48:38 GMT
server: BunnyCDN-DE1-487
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/ecmascript
cdn-cache: REVALIDATED
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
cache-control: s-maxage=3600, max-age=0
cdn-requestid: be5c2c213f0aea11ab3234a9965af75b
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK dest5.html Show response
intact.demdex.net/ Frame 0838 7 KB
3 KB 134ms
32ms Document
text/html 34.243.47.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://intact.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.47.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-47-58.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: intact.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://apps.nbc-insurance.ca/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=73033768493864241272363148069949730049
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://apps.nbc-insurance.ca/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 14 May 2021 01:50:31 GMT
DCS: dcs-prod-irl1-2-v006-056d01fc5.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 11 May 2021 11:18:05 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: tYO9MyKeS3k=
transfer-encoding: chunked
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YJ3XZwAAAHBS9ykN
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=73033768493864241272363148069949730049
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJ3XZwAAAHBS9ykN

42 B
975 B

35ms
34ms

Image
image/gif

34.250.160.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJ3XZwAAAHBS9ykN

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.160.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v006-06779a99f.edge-irl1.demdex.com 6.2.1.20210507120117-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VeWgWPBkTNs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YJ3XZwAAAHBS9ykN
Date: Fri, 14 May 2021 01:50:31 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 frame.html Show response
dntcl.qualaroo.com/ Frame 52D7 323 B
652 B 43ms
12ms Document
text/html 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://dntcl.qualaroo.com/frame.html
Requested by: Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/67544/g3l.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412

Request headers

:method: GET
:authority: dntcl.qualaroo.com
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://apps.nbc-insurance.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://apps.nbc-insurance.ca/

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-481
cdn-pullzone: 99568
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
cdn-requestcountrycode: DE
cdn-edgestorageid: 481
cdn-storageserver: DE-51
cache-control: public, max-age=604800
last-modified: Fri, 06 Dec 2019 12:46:59 GMT
cdn-cachedat: 2021-05-14 00:49:44
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-requestid: d545104f38c8920d93fd76ba7019c76d
cdn-cache: HIT
content-encoding: gzip

GET
H/1.1 200
OK Cookie set config.json Show response
apps.nbc-insurance.ca/waa/ 2 KB
2 KB 113ms
112ms XHR
text/plain 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.nbc-insurance.ca/waa/config.json

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

02952d3ea0abfae10cdd79d462687bee5a2eb764d67a3e352580341ec9640cf6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
language: en
Accept-Language: en-US
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; dtCookie=v_4_srv_5_sn_500DE22E4AB4ACE4443116708C2ACB45_perc_100000_ol_0_mul_1; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; dtPC=-6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e1; rxvt=1620958832433|1620957031455
Connection: keep-alive
Pragma: no-cache
Host: apps.nbc-insurance.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-dtpc: -6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e1
x-dtreferer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://apps.nbc-insurance.ca/waa/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Sec-Fetch-Site: same-origin
province: on
X-API-KEY: x6jTmCfVliZROjJwXtlKkdcILbMgbVrv
language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-dtpc: -6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e1
Accept: application/json, text/plain, */*
x-dtreferer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Referer: https://apps.nbc-insurance.ca/waa/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
province: on
X-API-KEY: x6jTmCfVliZROjJwXtlKkdcILbMgbVrv

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 16 Apr 2021 01:02:09 GMT
etag: "64e-5c00c879c3891:dtagent101912005180823286hRu"
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="-547018060"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
accept-ranges: bytes

GET
H2 200 RCc7d38cf037904a618431b788ece5a3eb-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/ 499 B
545 B 11ms
10ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/RCc7d38cf037904a618431b788ece5a3eb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8d1fa4950611e780b17abc83e53dcd4e10b90544e2a1b7a715d95fabf1e5b68a

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 13:16:12 GMT
server: AkamaiNetStorage
etag: "80fc93cd7112138e84c3b36b7b50d01f:1619529372.604315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 276
expires: Fri, 14 May 2021 02:50:32 GMT

GET
H2 200 RC528dfdaabe604af7ac6d1808c292c6c5-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/ 1 KB
686 B 9ms
9ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/RC528dfdaabe604af7ac6d1808c292c6c5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9a640a4d0bf918126fed095202427876cd3c8fc44d6be3d991b7f23ab1dd0439

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 13:16:12 GMT
server: AkamaiNetStorage
etag: "80fc93cd7112138e84c3b36b7b50d01f:1619529372.604315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 417
expires: Fri, 14 May 2021 02:50:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 72ms
33ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-860711890&l=gtagDataLayer

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95c3a50d1c8994849683514f30962741bf600820281a97486a4f5caf2e37a7e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34223
x-xss-protection: 0
last-modified: Fri, 14 May 2021 00:44:27 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 May 2021 01:50:32 GMT

GET
H2 200 RC0636f1ac7dd94322848fe7ce099a02f1-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/ 2 KB
1 KB 26ms
14ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/RC0636f1ac7dd94322848fe7ce099a02f1-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a64f68f988d52fa69627ecf91096976b5a88d2d148e7be2718853152fe7ca59a

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 13:16:12 GMT
server: AkamaiNetStorage
etag: "80fc93cd7112138e84c3b36b7b50d01f:1619529372.604315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 783
expires: Fri, 14 May 2021 02:50:32 GMT

GET
H2 200 RC125aa9f6ab4a4b9bbc96041ec8f4591a-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/ 1 KB
793 B 21ms
10ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/RC125aa9f6ab4a4b9bbc96041ec8f4591a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eff17de9c1f36530fba331c1f24a828003fa467d518ebdeec1bfb351c712515d

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 13:16:12 GMT
server: AkamaiNetStorage
etag: "80fc93cd7112138e84c3b36b7b50d01f:1619529372.604315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 524
expires: Fri, 14 May 2021 02:50:32 GMT

GET
H2 200 RC610cc9f296a9425fb987cf421db8da1e-source.min.js Show response
assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/ 1 KB
722 B 12ms
10ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6e1d227ae226/a2d57a4bc6a8/77fb116a0721/RC610cc9f296a9425fb987cf421db8da1e-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a3c7e218e7a1b6edf05af703a7243b0b81441e4f6c7037d8c40f86c05cb1a285

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
last-modified: Tue, 27 Apr 2021 13:16:12 GMT
server: AkamaiNetStorage
etag: "80fc93cd7112138e84c3b36b7b50d01f:1619529372.604315"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 453
expires: Fri, 14 May 2021 02:50:32 GMT

GET
H/1.1 200
OK Cookie set 29cad169822b5b1e1d89a21438ae6986.svg
apps.nbc-insurance.ca/waa/ 13 KB
6 KB 132ms
129ms Image
image/svg+xml 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/29cad169822b5b1e1d89a21438ae6986.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

09d3abb0bb35e39bae0f9284ab32061a47fd8e54b116183f738eb736c62cf07e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; rxvt=1620958832538|1620957031455; dtPC=-6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "329a-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="-1918321073"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
accept-ranges: bytes

GET
H/1.1 200
OK Cookie set 413635e08bbc0e7fa0b3759bcbb84d79.svg
apps.nbc-insurance.ca/waa/ 4 KB
5 KB 116ms
114ms Image
image/svg+xml 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/413635e08bbc0e7fa0b3759bcbb84d79.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

9fb375f4fa19c40aceaf758beedba9669347ab36e9bfc1e870e57409b6aed716

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; rxvt=1620958832538|1620957031455; dtPC=-6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
etag: "f6b-5beac1fef92c0"
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-791756585"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
accept-ranges: bytes
content-type: image/svg+xml
content-length: 3947

GET
H/1.1 200
OK Cookie set 1c7b45c1ff07b24ad2f7d3eb21df3a6f.svg
apps.nbc-insurance.ca/waa/ 1 KB
2 KB 135ms
132ms Image
image/svg+xml 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/1c7b45c1ff07b24ad2f7d3eb21df3a6f.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

cde1bed43f58a644bf766ff27b108c7d849ebfb2c316a9c30bc16ce7ba57d8d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; rxvt=1620958832538|1620957031455; dtPC=-6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
etag: "59c-5beac1fef92c0"
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="252843247"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
accept-ranges: bytes
content-type: image/svg+xml
content-length: 1436

GET
H/1.1 200
OK Cookie set 1518bc52b005c61e92a6a9c543442fd9.svg
apps.nbc-insurance.ca/waa/ 2 KB
3 KB 251ms
116ms Image
image/svg+xml 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/1518bc52b005c61e92a6a9c543442fd9.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

85946b33a7e03006d7e6fc17b337ef9f376c65e1f01fb496b262296884fe41dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; rxvt=1620958832538|1620957031455; dtPC=-6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
etag: "77a-5beac1fef92c0"
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-153194871"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
accept-ranges: bytes
content-type: image/svg+xml
content-length: 1914

GET
H/1.1 200
OK Cookie set cdfeaf9b57b26c210021787f84eb9de0.svg
apps.nbc-insurance.ca/waa/ 988 B
2 KB 249ms
112ms Image
image/svg+xml 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/cdfeaf9b57b26c210021787f84eb9de0.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

12ce200c54332166f8ffd01f2f6b9c697949024be9639c2f999e416c76d7669d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; rxvt=1620958832538|1620957031455; dtPC=-6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
etag: "3dc-5beac1fef92c0"
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1266368890"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
accept-ranges: bytes
content-type: image/svg+xml
content-length: 988

GET
H/1.1 200
OK Cookie set 30b1363bfa8aadceab5fd7d7dc9fddb7.png
apps.nbc-insurance.ca/waa/ 12 KB
13 KB 321ms
110ms Image
image/png 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/30b1363bfa8aadceab5fd7d7dc9fddb7.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

4885fae7af14abf9228eac9faa4959248f8e217ae1ccd0e38e9ff64f07a698fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; rxvt=1620958832538|1620957031455; dtPC=-6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "2f4c-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="1169949975"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
accept-ranges: bytes

GET
H/1.1 200
OK Cookie set 13b0ca520fb54d2128b630599dc61910.png
apps.nbc-insurance.ca/waa/ 18 KB
19 KB 197ms
119ms Image
image/png 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/13b0ca520fb54d2128b630599dc61910.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

d12fd544cf1c74565385e3e00f87baae65a158108b750d55cada1117fe5a8e71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; rxvt=1620958832675|1620957031455; dtPC=-6$357031448_131h14vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "48f5-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="-928207593"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
accept-ranges: bytes

GET
H/1.1 200
OK Cookie set 0b3c39299fb3e52ab598cc4e58174c98.svg
apps.nbc-insurance.ca/waa/ 20 KB
9 KB 203ms
109ms Image
image/svg+xml 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/0b3c39299fb3e52ab598cc4e58174c98.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

84a57a64b1be3d00b3508792c95d75d7818ab19695e4cbeb5f310621cbe5700e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; rxvt=1620958832675|1620957031455; dtPC=-6$357031448_131h14vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "513f-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="-532793065"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
accept-ranges: bytes

GET
H/1.1 200
OK Cookie set d9bdec460dec27ebed4545cb615dbc85.svg
apps.nbc-insurance.ca/waa/ 23 KB
18 KB 127ms
127ms Image
image/svg+xml 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/d9bdec460dec27ebed4545cb615dbc85.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

8841776e1e53f0be30ecdde1dc7038364e6bce0ebe5afbd3347ce78e1b711a08

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; dtPC=-6$357031448_131h15vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; rxvt=1620958832726|1620957031455; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892|PC#bec999dec95c4727b8e1e1717060ae06.37_0#1684201833
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "5d7c-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="-509282229"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
accept-ranges: bytes

GET
H/1.1 200
OK Cookie set 78cfafee942c1831a84b063bb747606f.png
apps.nbc-insurance.ca/waa/ 557 KB
552 KB 113ms
112ms Image
image/png 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/78cfafee942c1831a84b063bb747606f.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

d8285ff99e5a5337b698ae623283c90a0c0571ced1a4fabdc3006720e263039f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; dtPC=-6$357031448_131h15vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; rxvt=1620958832726|1620957031455; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892|PC#bec999dec95c4727b8e1e1717060ae06.37_0#1684201833
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
Content-Encoding: gzip
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
x-frame-options: SAMEORIGIN
etag: "8b364-5beac1fef92c0"
Vary: Accept-Encoding
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Transfer-Encoding: chunked
server-timing: dtRpid;desc="76932249"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
accept-ranges: bytes

GET
H/1.1 200
OK Cookie set 5b3b4ac0a6a8dee0b259dbeed86e5b74.png
apps.nbc-insurance.ca/waa/ 2 KB
2 KB 134ms
112ms Image
image/png 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://apps.nbc-insurance.ca/waa/5b3b4ac0a6a8dee0b259dbeed86e5b74.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

d41189bf1c039a94d7253a243b172d97452634373a126deb5eef8357144e3a2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: apps.nbc-insurance.ca
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://apps.nbc-insurance.ca/waa/
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; rxvt=1620958832538|1620957031455; dtPC=-6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1
Connection: keep-alive
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 29 Mar 2021 12:36:03 GMT
etag: "60c-5beac1fef92c0"
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1641749117"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; Path=/; Secure; HttpOnly
accept-ranges: bytes
content-type: image/png
content-length: 1548

GET
DATA 200
OK truncated
/ 26 KB
26 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1bbd121b50adadbc96c8b032ee98cd38c3ce90e357dd3288f09d90dec9f7e1b

Request headers

Origin: https://apps.nbc-insurance.ca
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 28 KB
28 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 456ac4a6336287089d9fd26c114f3da6451321b3d6813c2b9d52e2996f74bf5c

Request headers

Origin: https://apps.nbc-insurance.ca
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95ddf5737055b8d953f9a95ee3aeab2fe443c458993a470c11ce16d4f8c34d6c

Request headers

Origin: https://apps.nbc-insurance.ca
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99895f394ccdfd41346ca5f9e4c3948c0f57a53cd1dcdfb6e606346048b10529

Request headers

Origin: https://apps.nbc-insurance.ca
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff

POST
H2 200 delivery Show response
intactfinancialcorpo.tt.omtrdc.net/rest/v1/ 293 B
519 B 117ms
45ms XHR
application/json 52.18.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intactfinancialcorpo.tt.omtrdc.net/rest/v1/delivery?client=intactfinancialcorpo&sessionId=bec999dec95c4727b8e1e1717060ae06&version=2.4.1
Requested by: Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 76f3af5f6343732fe0306fa83d39704ac9124375d48c4eaa3462530cbef0c78b

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://apps.nbc-insurance.ca
date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: c46edbbed96c52de35ef7378ba689f67
content-type: application/json;charset=UTF-8

POST
H2 204 delivery
intactfinancialcorpo.tt.omtrdc.net/rest/v1/ 0
208 B 113ms
47ms Ping
text/plain 52.18.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intactfinancialcorpo.tt.omtrdc.net/rest/v1/delivery?client=intactfinancialcorpo&sessionId=bec999dec95c4727b8e1e1717060ae06&version=2.4.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN63be08d751e44592b3f3237e8f10cd42.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://apps.nbc-insurance.ca
date: Fri, 14 May 2021 01:50:32 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id: aaa9cadda487c928977601197a8bbaca

GET
H/1.1

200
OK

GlanceCobrowseLoader_4.10.1M.js Show response
s3.amazonaws.com/glancecdn/cobrowse/js/
Redirect Chain

https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21243&site=staging
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.10.1M.js

9 KB
9 KB

433ms
130ms

Script
text/javascript

52.217.77.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.10.1M.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.77.94 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8266878a8f8cb0e0773577e27ee7f93541b6753d8fac082d5265758c4f06ed7

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 14 May 2021 01:50:34 GMT
Last-Modified: Tue, 10 Mar 2020 13:30:24 GMT
Server: AmazonS3
x-amz-request-id: RDMY82ZQRFX1NV75
ETag: "2b7edf9a2e08fac529789ade51e214ad"
x-amz-version-id: 11JWTUiUPWK4O3ZaLzQ5CWV8l7L3Ok4K
Cache-Control: public, max-age=31556926
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 9104
x-amz-id-2: Cw1FhDPtH2hYTSs6aAY0lGY7eWtKTo5xR0YWMtjV6aWLYORHEO0LG8duQCDh125Q/Y6hqXk3JA8=

Redirect headers

date: Fri, 14 May 2021 01:50:33 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
location: https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.10.1M.js
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 195

GET
H/1.1 200 Cookie set welcome Show response
apps.nbc-insurance.ca/waa/api/v1/ 0
789 B 204ms
157ms XHR
text/plain 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.nbc-insurance.ca/waa/api/v1/welcome

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
language: en
Accept-Language: en-US
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; dtPC=-6$357031448_131h15vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; rxvt=1620958832726|1620957031455
Connection: keep-alive
Pragma: no-cache
Host: apps.nbc-insurance.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-dtpc: -6$357031448_131h15vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2
x-dtreferer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://apps.nbc-insurance.ca/waa/
Sec-Fetch-Site: same-origin
province: on
X-API-KEY: x6jTmCfVliZROjJwXtlKkdcILbMgbVrv
language: en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-dtpc: -6$357031448_131h15vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2
Accept: application/json, text/plain, */*
x-dtreferer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Referer: https://apps.nbc-insurance.ca/waa/
province: on
X-API-KEY: x6jTmCfVliZROjJwXtlKkdcILbMgbVrv

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-oneagent-js-injection: true
cache-control: private
server-timing: dtRpid;desc="1087402111"
content-security-policy: frame-ancestors 'self'
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1_app-3Afdb85f10875c0f7a_1; Path=/; Secure; HttpOnly AMWEBJCT!%2Fwaa!4a39a22791677cfa0947dfb41b88754f=a36956dd944ba31e55b4244e94ccdcdc; Path=/; SameSite=None; Secure; HttpOnly
content-length: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: bhbuL6LuNdSyV9jhN0gEzI+cB8DAHHSTpumVXZ7Zw0ZVMQKMTU6F27h4KH/KKsRX7c14S91/uljtNGClLye2QA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 14 May 2021 01:50:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 39ms
17ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-860711890&l=gtagDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 May 2021 01:50:32 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 52ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2595397-1&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-860711890&l=gtagDataLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

44b19e13f52c6ce77e2f0036d884bd86d49d9741cc32dc56b71294bdd833efe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35717
x-xss-protection: 0
last-modified: Fri, 14 May 2021 00:44:27 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 May 2021 01:50:32 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
32 KB 47ms
33ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9892763&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-860711890&l=gtagDataLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18fd9b9a089a41197b99205191e17243446996e3fbe01b0e93246433720bf71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33181
x-xss-protection: 0
last-modified: Fri, 14 May 2021 00:44:27 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 May 2021 01:50:32 GMT

POST
H/1.1 200
OK Cookie set rb_fda5820b-8067-4308-831a-eeaf2294ce3a Show response
apps.nbc-insurance.ca/waa/ 124 B
744 B 115ms
115ms XHR
text/plain 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.nbc-insurance.ca/waa/rb_fda5820b-8067-4308-831a-eeaf2294ce3a?type=js&session=-6%24UG970S1T94NAEVS5FLDP8H5A6EEVIUBB&svrid=-6&flavor=post&visitID=AIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0&modifiedSince=1620784670698&referer=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&app=fdb85f10875c0f7a&end=1

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

eacb90f6d411c5a5a4e96989b86b205d2ab1e5e8e34de93c6712a0b2f6fbf732

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Origin: https://apps.nbc-insurance.ca
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1; dtPC=-6$357031448_131h15vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892|PC#bec999dec95c4727b8e1e1717060ae06.37_0#1684201833; rxvt=1620958832918|1620957031455
Connection: keep-alive
Content-Length: 1369
Pragma: no-cache
Host: apps.nbc-insurance.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://apps.nbc-insurance.ca/waa/
Sec-Fetch-Site: same-origin
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 May 2021 01:50:32 GMT
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1_app-3Afdb85f10875c0f7a_1; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2595397-1&l=gtagDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5020
date: Fri, 14 May 2021 00:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 14 May 2021 02:26:52 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/860711890/ 2 KB
1 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860711890/?random=1620957032944&cv=9&fst=1620957032944&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7de69d99cab13e722815ace5aa058ad7867476bfc1c817ae456f85f18d13ae14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/860711890/ 2 KB
1 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860711890/?random=1620957032951&cv=9&fst=1620957032951&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8eed467790ea2d3d50fbaf8993be21b6f8a885cbc8857f4e13b1c30c3304897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/860711890/ 2 KB
2 KB 33ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860711890/?random=1620957032952&cv=9&fst=1620957032952&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f41b0cf7fc8d319c89ccc9ef8a71846d5ed2476b21def697d9e573d0abdf3263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s89652680154986
intactglobal.112.2o7.net/b/ss/intactglobal/1/JS-2.22.0-LBRU/ 43 B
394 B 61ms
16ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://intactglobal.112.2o7.net/b/ss/intactglobal/1/JS-2.22.0-LBRU/s89652680154986?AQB=1&ndh=1&pf=1&t=14%2F4%2F2021%203%3A50%3A32%205%20-120&sdid=728E53D5D88CB3B7-64C13DBA7EE1FCE1&ts=2021-05-14T01%3A50%3A32.818Z&mid=73254844129117623942321607156014092772&aamlh=6&ce=UTF-8&pageName=Login&g=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&cc=CAD&server=apps.nbc-insurance.ca&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=Login&c4=Responsive&c5=Login&c11=Personal&c12=18553822525&c17=0&v17=English&v18=Ontario&c21=2021-05-14%2001%3A50%3A32&c26=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8879806A585197B50A495EE9%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
x-c: main-1471.Ib5710b.M0-493
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 15 May 2021 01:50:33 GMT
server: jag
xserver: anedge-5cf7d864b8-q857r
etag: 3480978723158687744-4621950135606109637
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 13 May 2021 01:50:33 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1335713888&t=pageview&_s=1&dl=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&ul=en-us&de=UTF-8&dt=Client%20Centre%20%7C%20National%20Bank%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1375481579&gjid=1577160320&cid=506008203.1620957033&tid=UA-2595397-1&_gid=1638247850.1620957033&_r=1&gtm=2ou5c1&z=1689319649

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/860711890/ 42 B
391 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/860711890/?random=1620957032952&cv=9&fst=1620954000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=1948295829&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/860711890/ 42 B
108 B 44ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/860711890/?random=1620957032952&cv=9&fst=1620954000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=1948295829&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/860711890/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/860711890/?random=1620957032951&cv=9&fst=1620954000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=4075000081&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/860711890/ 42 B
552 B 42ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/860711890/?random=1620957032951&cv=9&fst=1620954000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=4075000081&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/860711890/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/860711890/?random=1620957032944&cv=9&fst=1620954000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=435637010&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/860711890/ 42 B
108 B 43ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/860711890/?random=1620957032944&cv=9&fst=1620954000000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5c1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapps.nbc-insurance.ca%2Fwaa%2F&tiba=Client%20Centre%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=435637010&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-2595397-1&cid=506008203.1620957033&jid=1375481579&gjid=1577160320&_gid=1638247850.1620957033&_u=YEBAAUAAAAAAAC~&z=526178212

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 May 2021 01:50:33 GMT
content-type: text/plain
access-control-allow-origin: https://apps.nbc-insurance.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2595397-1&cid=506008203.1620957033&jid=1375481579&_u=YEBAAUAAAAAAAC~&z=1016283410

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
17ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-2595397-1&cid=506008203.1620957033&jid=1375481579&_u=YEBAAUAAAAAAAC~&z=1016283410

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apps.nbc-insurance.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 May 2021 01:50:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK Cookie set rb_fda5820b-8067-4308-831a-eeaf2294ce3a Show response
apps.nbc-insurance.ca/waa/ 124 B
744 B 113ms
113ms XHR
text/plain 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

eacb90f6d411c5a5a4e96989b86b205d2ab1e5e8e34de93c6712a0b2f6fbf732

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Origin: https://apps.nbc-insurance.ca
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; dtLatC=525; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892|PC#bec999dec95c4727b8e1e1717060ae06.37_0#1684201833; AMWEBJCT!%2Fwaa!4a39a22791677cfa0947dfb41b88754f=a36956dd944ba31e55b4244e94ccdcdc; _gcl_au=1.1.210547222.1620957033; gpv_pn=Login; s_gpv=Login; s_cc=true; dtPC=-6$357031448_131h-vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; _ga=GA1.2.506008203.1620957033; _gid=GA1.2.1638247850.1620957033; _gat_gtag_UA_2595397_1=1; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1_app-3Afdb85f10875c0f7a_1; rxvt=1620958834088|1620957031455
Connection: keep-alive
Content-Length: 2022
Pragma: no-cache
Host: apps.nbc-insurance.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8
x-dtreferer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Accept: */*
Cache-Control: no-cache
Referer: https://apps.nbc-insurance.ca/waa/
Sec-Fetch-Site: same-origin
x-dtreferer: https://apps.nbc-insurance.ca/waa/WAA/webseal.do?TAM_OP=login&ERROR_CODE=0x00000000&URL=%2Fcc%2F
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 May 2021 01:50:34 GMT
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1_app-3Afdb85f10875c0f7a_1; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK Cookie set rb_fda5820b-8067-4308-831a-eeaf2294ce3a Show response
apps.nbc-insurance.ca/waa/ 124 B
744 B 110ms
109ms XHR
text/plain 199.243.65.82
INTACT-FINANCIAL-...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apps.nbc-insurance.ca
URL: https://apps.nbc-insurance.ca/waa/ruxitagentjs_ICA27SVfhqrux_10191200518082328.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.243.65.82 , Canada, ASN32564 (INTACT-FINANCIAL-CORPORATION, CA),

Reverse DNS

Software

Resource Hash

eacb90f6d411c5a5a4e96989b86b205d2ab1e5e8e34de93c6712a0b2f6fbf732

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: cors
Origin: https://apps.nbc-insurance.ca
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; PD-S-SESSION-ID=1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ; AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be=0a1fa4cc2e848d01f7a4f19cbf543e41; dtCookie=-6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB; rxVisitor=16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E; dtSa=-; AMCVS_8879806A585197B50A495EE9%40AdobeOrg=1; AMCV_8879806A585197B50A495EE9%40AdobeOrg=-1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0; ki_t=1620957032394%3B1620957032394%3B1620957032394%3B1%3B1; ki_r=; ki_s=; at_check=true; mbox=session#bec999dec95c4727b8e1e1717060ae06#1620958892|PC#bec999dec95c4727b8e1e1717060ae06.37_0#1684201833; AMWEBJCT!%2Fwaa!4a39a22791677cfa0947dfb41b88754f=a36956dd944ba31e55b4244e94ccdcdc; _gcl_au=1.1.210547222.1620957033; gpv_pn=Login; s_gpv=Login; s_cc=true; dtPC=-6$357031448_131h-vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2; _ga=GA1.2.506008203.1620957033; _gid=GA1.2.1638247850.1620957033; _gat_gtag_UA_2595397_1=1; dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1_app-3Afdb85f10875c0f7a_1; dtLatC=1; rxvt=1620958838121|1620957031455
Connection: keep-alive
Content-Length: 9246
Pragma: no-cache
Host: apps.nbc-insurance.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://apps.nbc-insurance.ca/waa/
Sec-Fetch-Site: same-origin
Referer: https://apps.nbc-insurance.ca/waa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 May 2021 01:50:38 GMT
x-frame-options: SAMEORIGIN
isam-session-timeouts: 1800
p3p: CP="NON CUR OTPi OUR NOR UNI"
Set-Cookie: BNI_persistence-apps-bnc=rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==; Path=/ dtCookie=v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1_app-3Afdb85f10875c0f7a_1; Path=/; Secure; HttpOnly
Transfer-Encoding: chunked
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nbc-insurance.ca/	1969-12-31 23:59:59	Name: rxvt Value: 1620958832538\|1620957031455
.demdex.net/	1970-01-19 22:35:09	Name: demdex Value: 73033768493864241272363148069949730049
.nbc-insurance.ca/	1969-12-31 23:59:59	Name: at_check Value: true
apps.nbc-insurance.ca/	1970-01-21 14:05:23	Name: ki_s Value:
apps.nbc-insurance.ca/	1970-01-21 14:05:23	Name: ki_r Value:
apps.nbc-insurance.ca/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_5_sn_UG970S1T94NAEVS5FLDP8H5A6EEVIUBB_perc_100000_ol_0_mul_1
.nbc-insurance.ca/	1970-01-19 18:15:58	Name: mbox Value: session#bec999dec95c4727b8e1e1717060ae06#1620958892
.nbc-insurance.ca/	1970-01-20 11:47:09	Name: AMCV_8879806A585197B50A495EE9%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18762%7CMCMID%7C73254844129117623942321607156014092772%7CMCAAMLH-1621561831%7C6%7CMCAAMB-1621561831%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1620964231s%7CNONE%7CMCSYNCSOP%7C411-18769%7CvVersion%7C5.2.0
.nbc-insurance.ca/	1969-12-31 23:59:59	Name: dtLatC Value: 525
.nbc-insurance.ca/	1969-12-31 23:59:59	Name: AMCVS_8879806A585197B50A495EE9%40AdobeOrg Value: 1
.nbc-insurance.ca/	1969-12-31 23:59:59	Name: dtCookie Value: -6$UG970S1T94NAEVS5FLDP8H5A6EEVIUBB
apps.nbc-insurance.ca/	1969-12-31 23:59:59	Name: BNI_persistence-apps-bnc Value: rfyFnxANmPtOkG2sZBK_o-fv4IKgxIQGDwqQO6nuJTBnPjoY63ZWykXM9lr4PaAaPeXchaIAOXmlKJ3zBWMhxQ==
apps.nbc-insurance.ca/	1969-12-31 23:59:59	Name: AMWEBJCT!%2Fwaa!4232dcf7477ba2ab3538415707a233be Value: 0a1fa4cc2e848d01f7a4f19cbf543e41
.nbc-insurance.ca/	1969-12-31 23:59:59	Name: rxVisitor Value: 16209570314533BJ3696EBG1IEAN94NB1JQCOTMD4MJ2E
.nbc-insurance.ca/	1969-12-31 23:59:59	Name: dtSa Value: -
.nbc-insurance.ca/	1969-12-31 23:59:59	Name: dtPC Value: -6$357031448_131h4vAIPDCNHFTAPPGSHAULDKGFHHRCPGEPBW-0e2
apps.nbc-insurance.ca/	1969-12-31 23:59:59	Name: PD-S-SESSION-ID Value: 1_2_0_RP3G0D0tW+8-n9D2c94NiAgDb1vN-uvKgwIGJzC0GZUr9mxQ
apps.nbc-insurance.ca/	1970-01-21 14:05:23	Name: ki_t Value: 1620957032394%3B1620957032394%3B1620957032394%3B1%3B1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://apps.nbc-insurance.ca/waa/vendors.bundle.js(Line 3) Message: react-i18next:: i18n.languages were undefined or empty undefined
console-api	error	URL: https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=21243&site=staging(Line 21) Message: ERR_COBROWSE_NOT_SUPP

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.nbc-insurance.ca
assets.adobedtm.com
cl.qualaroo.com
cm.everesttech.net
connect.facebook.net
dntcl.qualaroo.com
dpm.demdex.net
googleads.g.doubleclick.net
intact.demdex.net
intactfinancialcorpo.tt.omtrdc.net
intactglobal.112.2o7.net
nbc-insurance.app.link
s3.amazonaws.com
stats.g.doubleclick.net
www.glancecdn.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
15.237.136.106
185.59.220.197
199.243.65.82
216.58.212.130
2600:9000:20eb:f600:19:9934:6a80:93a1
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2008
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c08::9b
2a00:f48:2000:1023::3
2a02:26f0:6c00:28a::1e80
2a03:2880:f01c:8012:face:b00c:0:3
34.243.47.58
34.250.160.147
52.18.150.20
52.217.77.94
54.158.125.140
54.194.191.134
02952d3ea0abfae10cdd79d462687bee5a2eb764d67a3e352580341ec9640cf6
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
09d3abb0bb35e39bae0f9284ab32061a47fd8e54b116183f738eb736c62cf07e
0ca33d65af042989144ef1400c863fd5531d22df7deeb4ae4daf033f96abb238
12ce200c54332166f8ffd01f2f6b9c697949024be9639c2f999e416c76d7669d
18fd9b9a089a41197b99205191e17243446996e3fbe01b0e93246433720bf71f
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412
44b19e13f52c6ce77e2f0036d884bd86d49d9741cc32dc56b71294bdd833efe6
456ac4a6336287089d9fd26c114f3da6451321b3d6813c2b9d52e2996f74bf5c
4885fae7af14abf9228eac9faa4959248f8e217ae1ccd0e38e9ff64f07a698fc
649ea4c52141d660750f9ec0a9293e6c0a1de1ba809c3c76bc450dab73844fbc
702428aaf2b30b0a4886c9252ad364809605bc3ad41fa2c51dd1215b4dc32321
76f3af5f6343732fe0306fa83d39704ac9124375d48c4eaa3462530cbef0c78b
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7de69d99cab13e722815ace5aa058ad7867476bfc1c817ae456f85f18d13ae14
84a57a64b1be3d00b3508792c95d75d7818ab19695e4cbeb5f310621cbe5700e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85946b33a7e03006d7e6fc17b337ef9f376c65e1f01fb496b262296884fe41dc
8841776e1e53f0be30ecdde1dc7038364e6bce0ebe5afbd3347ce78e1b711a08
8d1fa4950611e780b17abc83e53dcd4e10b90544e2a1b7a715d95fabf1e5b68a
95c3a50d1c8994849683514f30962741bf600820281a97486a4f5caf2e37a7e6
95ddf5737055b8d953f9a95ee3aeab2fe443c458993a470c11ce16d4f8c34d6c
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
99895f394ccdfd41346ca5f9e4c3948c0f57a53cd1dcdfb6e606346048b10529
9a640a4d0bf918126fed095202427876cd3c8fc44d6be3d991b7f23ab1dd0439
9fb375f4fa19c40aceaf758beedba9669347ab36e9bfc1e870e57409b6aed716
a0ad36a64b0a55adcb3679d9730484a487566ee15d7e64b9bdc82b7969fa2dc7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3c7e218e7a1b6edf05af703a7243b0b81441e4f6c7037d8c40f86c05cb1a285
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a64f68f988d52fa69627ecf91096976b5a88d2d148e7be2718853152fe7ca59a
a8b110bf499abab2b4a4af123aa9432672a1d0b3b65ca06c7d914d841143b56f
b8266878a8f8cb0e0773577e27ee7f93541b6753d8fac082d5265758c4f06ed7
bd5c833ac75a2fe66aa361d66f08f997a20ccdec8f5800d77245963b00af5cba
cde1bed43f58a644bf766ff27b108c7d849ebfb2c316a9c30bc16ce7ba57d8d2
d12fd544cf1c74565385e3e00f87baae65a158108b750d55cada1117fe5a8e71
d1bbd121b50adadbc96c8b032ee98cd38c3ce90e357dd3288f09d90dec9f7e1b
d41189bf1c039a94d7253a243b172d97452634373a126deb5eef8357144e3a2e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d8285ff99e5a5337b698ae623283c90a0c0571ced1a4fabdc3006720e263039f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deaf4742c850a9a831baa5065d029ed9885df26651104738d9a3ef0d72e28582
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8eed467790ea2d3d50fbaf8993be21b6f8a885cbc8857f4e13b1c30c3304897
eacb90f6d411c5a5a4e96989b86b205d2ab1e5e8e34de93c6712a0b2f6fbf732
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff17de9c1f36530fba331c1f24a828003fa467d518ebdeec1bfb351c712515d
f41b0cf7fc8d319c89ccc9ef8a71846d5ed2476b21def697d9e573d0abdf3263
fc3bdf08b736cad8676590fe70bed6f3c64efe3964590b4b4805798148b93b95

apps.nbc-insurance.ca Open in urlscan Pro 199.243.65.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

57 Requests

100 %HTTPS

50 %IPv6

17 Domains

20 Subdomains

18 IPs

6 Countries

1801 kBTransfer

3586 kBSize

18 Cookies

7 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

apps.nbc-insurance.ca Open in urlscan Pro
199.243.65.82 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

50 %
IPv6

17
Domains

20
Subdomains

18
IPs

6
Countries

1801 kB
Transfer

3586 kB
Size

18
Cookies

57 HTTP transactions
4 data transactions