urlscan.io logo urlscan.io
SecurityTrails logo

login.icbc.com Open in urlscan Pro
198.162.234.206  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://login.icbc.com/
Effective URL: https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
Submission Tags: falconsandbox
Submission: On September 09 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 198.162.234.206, located in Kamloops, Canada and belongs to EQUINIX, NL. The main domain is login.icbc.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 15th 2023. Valid for: a year.
This is the only time login.icbc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 198.162.234.206 15830 (EQUINIX)
1 142.251.40.200 15169 (GOOGLE)
6 2
Apex Domain
Subdomains		 Transfer
6 icbc.com
login.icbc.com
21 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
66 KB
6 2
Domain Requested by
6 login.icbc.com 1 redirects login.icbc.com
1 www.googletagmanager.com login.icbc.com
6 2

This site contains links to these domains. Also see Links.

Domain
profile.icbc.com
Subject Issuer Validity Valid
login.icbc.com
Entrust Certification Authority - L1K		 2023-09-15 -
2024-10-09		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
Frame ID: AAEA4C73EBC87D457B08DCAE53DAE2A9
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign In

Page URL History Show full URLs

  1. http://login.icbc.com/ HTTP 307
    https://login.icbc.com/ HTTP 302
    https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

86 kB
Transfer

200 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://login.icbc.com/ HTTP 307
    https://login.icbc.com/ HTTP 302
    https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.pl
login.icbc.com/oamsso-bin/
Redirect Chain
  • http://login.icbc.com/
  • https://login.icbc.com/
  • https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.162.234.206 Kamloops, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
206.234.162-198.q9.net
Software
/
Resource Hash
f1ad6d243b5d342a553885e28694751467fcdb70ce6afb172e92814f7abb39b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Sep 2024 17:40:28 GMT
Expires
0
Generated-By
login.pl
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
249
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 09 Sep 2024 17:40:28 GMT
Keep-Alive
timeout=5, max=100
Location
/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
icbcoam.css
login.icbc.com/dccbranding/css/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.icbc.com/dccbranding/css/icbcoam.css
Requested by
Host: login.icbc.com
URL: https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.162.234.206 Kamloops, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
206.234.162-198.q9.net
Software
/
Resource Hash
22ab41a9c06563053174c5b107080a59d7468e5742309b1ac74ecc973c553432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 09 Sep 2024 17:40:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Nov 2022 17:46:44 GMT
ETag
"11a7-5ee4f1adc4d49"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4519
X-XSS-Protection
1; mode=block
config.js
login.icbc.com/oamsso/global/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.icbc.com/oamsso/global/config.js
Requested by
Host: login.icbc.com
URL: https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.162.234.206 Kamloops, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
206.234.162-198.q9.net
Software
/
Resource Hash
bd6f01d8b3b37a62bc36f116a317bea4d225eb6788f9aeaa2c359d0107f5d4c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 09 Sep 2024 17:40:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Nov 2022 17:48:17 GMT
ETag
"21ae-5ee4f206874dd"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8622
X-XSS-Protection
1; mode=block
logo_icbc.png
login.icbc.com/dccbranding/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.icbc.com/dccbranding/images/logo_icbc.png
Requested by
Host: login.icbc.com
URL: https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.162.234.206 Kamloops, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
206.234.162-198.q9.net
Software
/
Resource Hash
6554c31cfbc8a957bf7b98ef6dfe04423d49742e3a45f972e229619cfefc7935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 09 Sep 2024 17:40:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25 Nov 2022 17:46:43 GMT
ETag
"66b-5ee4f1ad9d537"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1643
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		181 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PBMQXGD
Requested by
Host: login.icbc.com
URL: https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.200 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7eb109c5a2b46416e7de344cda822121e1cca7a6b035abd4eac05dfcda0413f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://login.icbc.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 17:40:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67098
x-xss-protection
0
last-modified
Mon, 09 Sep 2024 16:48:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Sep 2024 17:40:29 GMT
favicon.ico
login.icbc.com/ 		196 B
510 B 		Other
General
Check archive.org
Download Go to
Full URL
https://login.icbc.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.162.234.206 Kamloops, Canada, ASN15830 (EQUINIX, NL),
Reverse DNS
206.234.162-198.q9.net
Software
/
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.icbc.com/oamsso-bin/login.pl?resource_url=https%3A%2F%2Flogin.icbc.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 09 Sep 2024 17:40:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Type
text/html; charset=iso-8859-1
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
196
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer string| currentPageLang function| postSubmit string| abtProduct string| helpLinkHREF string| privacyPolicy string| legalNote string| termsOfUse string| copyRightTEXT number| maxAllowedInputSize boolean| isNS6 boolean| showLang function| detectBrowser function| checkForEnterKey function| onBodyLoad function| autoCompleteOff function| setCustomHeaderFooter function| handleEnterKey function| handleSubmit function| checkSupportedBrowser function| getBrowserName function| getBrowserVersion function| checkBrowserType function| addCookie function| getRequestedURL function| checkCookieExists function| deleteCookie function| disableShowBrowserOptionForSavingPassword function| focusOnUserName function| changeLoginButtonStatus function| resizePage object| google_tag_manager object| google_tag_data

2 Cookies

Domain/Path Name / Value
login.icbc.com/oam/server/auth_cred_submit Name: DCCCtxCookie_login.icbc.com_443
Value: encdata%3D5H3yKEQE%2FQB7t5gYoz%2F9hLsOGOxFqBGjAjZYFNOVizkwTifXVQ5%2BxqT3Fn%2FOI%2Fsd7Dn7WwGWKnuziH%2FLOb1J%2FkV6QozxEoKFX16B1oJlk8nC81qxqbcJVSAVbV9The5%2BIxBvqK%2FfIaoEzk1ujXjg5hOPnyHDQn9AQeLYdWqgM%2BZhSiz2%2FJkvIq9liFB4ApCYwgftVGINCH3Q91tMN7NSiF%2ByTW4bnUmigaKKP7JWn2JzyzZmKMSBtuoBwAhzy7d9
.icbc.com/ Name: OAMAuthnHintCookie
Value: 0@1725903628

1 Console Messages

Source Level URL
Text
network error URL: https://login.icbc.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block