apply.nbc-insurance.ca Open in urlscan Pro
35.203.11.179  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

• https://5357220.fls.doubleclick.net/activityi;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insurance:landing-page;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
• https://5357220.fls.doubleclick.net/activityi;dc_pre=CNCMwrWV0e0CFbfIuwgdbkgBLA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insurance:landing-page;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 26

• https://8392723.fls.doubleclick.net/activityi;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID] HTTP 302
• https://8392723.fls.doubleclick.net/activityi;dc_pre=CPmQxbWV0e0CFayFgwcdGVwJyw;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]

Request Chain 33

• https://cm.everesttech.net/cm/dd?d_uuid=13071634246463849883572973297223667329 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9lKWAAAACDDpB_U

Request Chain 53

• https://ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/s56020117939625?AQB=1&ndh=1&pf=1&t=16%2F11%2F2020%200%3A44%3A26%203%20-60&fid=5B9FE725F5397144-02958AEB701729C2&ce=UTF-8&ns=ingcanada&cdp=2&pageName=nb%3A&g=https%3A%2F%2Fapply.nbc-insurance.ca%2F&cc=CAD&server=apply.nbc-insurance.ca&events=event7&h1=D%3DpageName&c7=no%20province%20specified&v7=D%3Dc7&c8=tuesday-6%3A44pm&v8=D%3Dc8&v9=D%3Dc13&c13=no%20language%20specified&c31=new%7Cfirst%20visit%7C1&c34=anonymous%7Canonymous&c39=D%3Dg&c40=D%3DpageName%2B%22%28%22%2Bc13%2B%22%29%22&v40=D%3Dg&c41=D%3DpageName%2B%22%28%22%2Bc7%2B%22%29%22&v41=D%3Dc31&v44=D%3Dc34&c50=ATM%2F_bda%5B2.25%3AND%3A2015-05-05%5D%2Fmap%5B1.7%3AWY%3A2017-02-21%5D&v50=D%3DpageName&v51=D%3DpageName&v55=D%3Dc55&v61=typed%2Fbookmarked&v63=typed%2Fbookmarked&v65=D%3Dv64&v67=typed%2Fbookmarked&v68=D%3Dv67&v69=typed%2Fbookmarked&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
• https://ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/s56020117939625?AQB=1&pccr=true&vidn=2FECA52D0515AB44-40000943B60A5514&ndh=1&pf=1&t=16%2F11%2F2020%200%3A44%3A26%203%20-60&fid=5B9FE725F5397144-02958AEB701729C2&ce=UTF-8&ns=ingcanada&cdp=2&pageName=nb%3A&g=https%3A%2F%2Fapply.nbc-insurance.ca%2F&cc=CAD&server=apply.nbc-insurance.ca&events=event7&h1=D%3DpageName&c7=no%20province%20specified&v7=D%3Dc7&c8=tuesday-6%3A44pm&v8=D%3Dc8&v9=D%3Dc13&c13=no%20language%20specified&c31=new%7Cfirst%20visit%7C1&c34=anonymous%7Canonymous&c39=D%3Dg&c40=D%3DpageName%2B%22%28%22%2Bc13%2B%22%29%22&v40=D%3Dg&c41=D%3DpageName%2B%22%28%22%2Bc7%2B%22%29%22&v41=D%3Dc31&v44=D%3Dc34&c50=ATM%2F_bda%5B2.25%3AND%3A2015-05-05%5D%2Fmap%5B1.7%3AWY%3A2017-02-21%5D&v50=D%3DpageName&v51=D%3DpageName&v55=D%3Dc55&v61=typed%2Fbookmarked&v63=typed%2Fbookmarked&v65=D%3Dv64&v67=typed%2Fbookmarked&v68=D%3Dv67&v69=typed%2Fbookmarked&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 62

• https://www.facebook.com/tr/?id=1783130221942772&ev=PageView&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&rl=&if=false&ts=1608075866809&sw=1600&sh=1200&v=2.9.30&r=stable&a=seg&ec=1&o=28&fbp=fb.1.1608075866562.1102844653&it=1608075864690&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET HTTP 302
• https://cx.atdmt.com/?c=14817184135660154719&f=AYyjPPfUJMW6mgoVSTZ42FYbVG9EoNSlbsNVmEWOLXsAs_V8G1JyIpdlvtz2kwmeAfRYkcM6-1b9aYPEVgDBN2q_&id=1783130221942772&l=3&v=0

Request Chain 67

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819651208/?random=227185916&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=WkrZX-TGMo2I3wOS05aACw&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-conversion/819651208/?random=227185916&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=WkrZX-TGMo2I3wOS05aACw&cid=CAQSKQCNIrLMt347PVC-yn8Fn80bLoQSwEuuRLDoBY8cnWgabO7f1CWCSKNF&random=792797542&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.de/pagead/1p-conversion/819651208/?random=227185916&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=WkrZX-TGMo2I3wOS05aACw&cid=CAQSKQCNIrLMt347PVC-yn8Fn80bLoQSwEuuRLDoBY8cnWgabO7f1CWCSKNF&random=792797542&resp=GooglemKTybQhCsO&ipr=y

Request Chain 74

• https://s.adroll.com/j/exp/EX76L7I6JVDGRDLV4P2AMG/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 76

• https://d.adroll.mgr.consensu.org/consent/iabcheck/EX76L7I6JVDGRDLV4P2AMG?_s=13cc629129c76d758282ce7124c20d90&_b=2 HTTP 302
• https://d.adroll.com/consent/check/EX76L7I6JVDGRDLV4P2AMG/?_s=13cc629129c76d758282ce7124c20d90&_b=2

Request Chain 77

• https://d.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&pv=2753094514.3759313&cookie=&adroll_s_ref=&keyw= HTTP 302
• https://s.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/NFXO64YS4VGX7ISTODZOX2.js

Request Chain 79

• https://d.adroll.com/cm/r/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
• https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
• https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 80

• https://d.adroll.com/cm/b/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=MDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA

Request Chain 81

• https://d.adroll.com/cm/x/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=MDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA

Request Chain 82

• https://d.adroll.com/cm/l/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
• https://idsync.rlcdn.com/377928.gif?partner_uid=050404465a47b72d896f8435f90ade50

Request Chain 83

• https://d.adroll.com/cm/o/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=050404465a47b72d896f8435f90ade50 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=050404465a47b72d896f8435f90ade50

Request Chain 84

• https://d.adroll.com/cm/g/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG&google_nid=adroll5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=BQQERlpHty2Jb4Q1-QreUA HTTP 302
• https://d.adroll.com/cm/g/in

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response apply.nbc-insurance.ca/	4 KB 2 KB	455ms 120ms	Document text/html	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash b13daad5156a185d228945a92f3b8e8e8b0b7bcfd0186f2d3c4a4452c5bf8d29 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers :method GET :authority apply.nbc-insurance.ca :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx/1.17.10 date Tue, 15 Dec 2020 23:44:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding set-cookie route=14b9b71542a0d2c1abe7b54aeb1c578d; Expires=Wed, 16-Dec-20 23:44:24 GMT; Max-Age=86400; Path=/; Secure; HttpOnly x-powered-by Express cache-control public, max-age=0 last-modified Tue, 06 Oct 2020 14:47:36 GMT etag W/"ea9-174fe61cb40" strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip
GET H2	200	config.js Show response apply.nbc-insurance.ca/	3 KB 2 KB	318ms 316ms	Script application/javascript	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apply.nbc-insurance.ca/config.js Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash b87f03df7d1fca384e443c949109abb215be7ada11916730b9f3006e65409577 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"5ba-174fe61cb40" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 strict-transport-security max-age=15724800; includeSubDomains accept-ranges bytes content-length 1466
GET H2	200	auth0.min.js Show response cdn.auth0.com/js/auth0/9.6.1/	110 KB 34 KB	129ms 42ms	Script application/javascript	65.9.84.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.auth0.com/js/auth0/9.6.1/auth0.min.js Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.84.50 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 45f47d840784ee940ee178f02f52c831563939a53dd0fe1df6541a5d8fab0f68 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 17:18:50 GMT content-encoding gzip last-modified Thu, 07 Jun 2018 20:25:58 GMT server AmazonS3 age 23135 etag W/"539f051f50f20db69b9f2c155ac99c62" vary Accept-Encoding x-cache Hit from cloudfront x-amz-version-id w2T_rI04hO7rm7ux5gzb4PjWifDOi1jq via 1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront) cache-control max-age=2628000,public x-amz-replication-status COMPLETED x-amz-cf-pop AMS1-C1 content-type application/javascript x-amz-cf-id oddm_xV8zYUoX7mNC0cVDomO7oppE5MJf57OfQ8qK5HulaiLAMmUaA==
GET H2	200	satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/	147 KB 42 KB	22ms 7ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash fe761a3a8f8b6ff12fb3b6945047f24358f158d74b20f001ba8ada6d83b08bf0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:47 GMT server AkamaiNetStorage etag "dcd2bec08375a88ead5e839871f85113:1590528467.265606" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 42972 expires Wed, 16 Dec 2020 00:44:24 GMT
GET H2	200	2.461cb393.chunk.css apply.nbc-insurance.ca/static/css/	569 KB 98 KB	120ms 118ms	Stylesheet text/css	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apply.nbc-insurance.ca/static/css/2.461cb393.chunk.css Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash bf8e0035b788caf36dc30be8938660c68f4d996cec79152ea97ceccc20cc83f5 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"1858e-174fe61cb40" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0 strict-transport-security max-age=15724800; includeSubDomains accept-ranges bytes content-length 99726
GET H2	200	main.8d810515.chunk.css apply.nbc-insurance.ca/static/css/	33 KB 5 KB	317ms 316ms	Stylesheet text/css	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apply.nbc-insurance.ca/static/css/main.8d810515.chunk.css Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash f01e3c93331ea038a82e34fa410b1dfb1d6c041543635c80d740f5547fab15ec Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"1239-174fe61cb40" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0 strict-transport-security max-age=15724800; includeSubDomains accept-ranges bytes content-length 4665
GET H2	200	2.07ce6a45.chunk.js Show response apply.nbc-insurance.ca/static/js/	3 MB 759 KB	318ms 316ms	Script application/javascript	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apply.nbc-insurance.ca/static/js/2.07ce6a45.chunk.js Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash 049655c08596cac9a6cb8480d9bae2f56239a884a588472d3fd1aeb236c97e3f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"bd4ed-174fe61cb40" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 strict-transport-security max-age=15724800; includeSubDomains accept-ranges bytes content-length 775405
GET H2	200	main.9056a60e.chunk.js Show response apply.nbc-insurance.ca/static/js/	975 KB 263 KB	318ms 317ms	Script application/javascript	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apply.nbc-insurance.ca/static/js/main.9056a60e.chunk.js Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash 35429556a2a7cb15cca59e053d4f64400dda9b4fd5943b652c839156ac9fa679 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"4195a-174fe61cb40" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 strict-transport-security max-age=15724800; includeSubDomains accept-ranges bytes content-length 268634
GET H2	200	gtm.js Show response www.googletagmanager.com/	72 KB 29 KB	31ms 30ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5Z4C66S Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c0ed88822d849c2628b0b91e5694a4490c435ea10067499d980a475c5a986e83 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29237 x-xss-protection 0 last-modified Tue, 15 Dec 2020 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 15 Dec 2020 23:44:24 GMT
GET H/1.1	200 OK	id Show response dpm.demdex.net/	5 KB 2 KB	193ms 50ms	XHR application/json	34.250.65.236 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1E24776A524450D90A490D44%40AdobeOrg&d_nsid=0&ts=1608075864543 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.65.236 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-65-236.eu-west-1.compute.amazonaws.com Software / Resource Hash c3db94f33cab64a1aa93f0c2f80fc93dbf99f75db6aa712c424938a396359044 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-v086-0f863e2d4.edge-irl1.demdex.com 5.80.1.20201111130852 2ms (+1ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip X-TID LmNAZBhSSg8= Vary Origin, Accept-Encoding, User-Agent P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://apply.nbc-insurance.ca Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 1528 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	mbox-contents-6fc75f117925574cc1441b1f0b00cce81c10924e.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/	108 KB 35 KB	17ms 16ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/mbox-contents-6fc75f117925574cc1441b1f0b00cce81c10924e.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash 305fa731fa32f18696c2ad8e1f4b6c2fb9ba61795bd84787b861477d127e3e61 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:49 GMT server AkamaiNetStorage etag "e8176db0745cd834d76a0dd1a639d228:1590528469.636062" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 35097 expires Wed, 16 Dec 2020 00:44:24 GMT
GET H2	200	satellite-5670672064746d5bd30011d4.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/	3 KB 2 KB	22ms 22ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5670672064746d5bd30011d4.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash 7a980774c763c67b8dfa96f1bf3e7c4f6896c2393b6964e973e5c9a0b88cd51f Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:52 GMT server AkamaiNetStorage etag "67ef353d100b48772daa5afa864d8669:1590528472.255294" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 1293 expires Wed, 16 Dec 2020 00:44:24 GMT
GET H2	200	satellite-5cc0c85f64746d47f1000450.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/	50 B 338 B	28ms 28ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5cc0c85f64746d47f1000450.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash e5c32217615dd2e7b4e23b6a3dfbeefaea1c08b84bfb3afbdd8ff3b5d0989ea5 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:52 GMT server AkamaiNetStorage etag "ba2ae5fc2cc2016fdf94f83c8346b66d:1590528472.180292" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 69 expires Wed, 16 Dec 2020 00:44:24 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5670672064746d5bd30011d4.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 6829 date Tue, 15 Dec 2020 21:50:35 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Tue, 15 Dec 2020 23:50:35 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 577 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/static/css/2.461cb393.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a44bbd41a152df40ae99043e510a51da8ad97dadd3f28d1c21be248a4bd98942 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/static/css/2.461cb393.chunk.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 15 Dec 2020 23:32:47 GMT server ESF date Tue, 15 Dec 2020 23:44:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 15 Dec 2020 23:44:24 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/pQBvzP5jquzXPzh2OlVbEmNGRtNKSlEm/	403 KB 79 KB	702ms 635ms	Script text/javascript	65.9.85.130 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/pQBvzP5jquzXPzh2OlVbEmNGRtNKSlEm/analytics.min.js Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.85.130 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 55183ca7a4bc8f87d3af3bef04164953bd335f0a1315adb6c4f9b14095e2e6a6 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:26 GMT content-encoding gzip x-amz-cf-pop AMS1-C1 x-cache Miss from cloudfront x-amz-replication-status COMPLETED content-length 80672 access-control-allow-origin * last-modified Tue, 15 Dec 2020 03:31:59 GMT server AmazonS3 etag "16bae381e2a13324d413374e8dbbb7e2" access-control-max-age 3000 access-control-allow-methods GET, HEAD x-amz-version-id TL8a1Ron9u_VumsXfI3WfBeMTvUEz_PI via 1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront) cache-control public, max-age=300 accept-ranges bytes content-type text/javascript; charset=utf-8 x-amz-cf-id Rsxvsdb6j42Ah5aX32QTwhZcsW-n7h0Vw8FYKTo-ISQ7VTwmq0mtGw==
GET H2	200	satellite-58f7c0ca64746d6b6b0031b4.html assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/ Frame ECB3	0 0	18ms 17ms	Document text/html	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-58f7c0ca64746d6b6b0031b4.html Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash Request headers :method GET :authority assets.adobedtm.com :scheme https :path /58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-58f7c0ca64746d6b6b0031b4.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://apply.nbc-insurance.ca/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://apply.nbc-insurance.ca/ Response headers accept-ranges bytes content-type text/html etag "75924f3c22fd88327fd47aca758f06de:1590528476.876047" last-modified Tue, 26 May 2020 21:27:56 GMT server AkamaiNetStorage vary Accept-Encoding content-encoding gzip cache-control max-age=3600 expires Wed, 16 Dec 2020 00:44:24 GMT date Tue, 15 Dec 2020 23:44:24 GMT content-length 938 access-control-allow-origin https://apply.nbc-insurance.ca timing-allow-origin *
GET H2	200	satellite-5a72127364746d11b9000059.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/	511 B 644 B	18ms 17ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5a72127364746d11b9000059.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash 17da90b4538f92626a5f272f845b1a644826aa4afdb4acc446caf1c335455b6a Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:53 GMT server AkamaiNetStorage etag "109a05e6c6ef1fb901001b28e875d83c:1590528473.638693" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 374 expires Wed, 16 Dec 2020 00:44:24 GMT
GET H2	200	satellite-5a8c5e3f64746d1db00030d5.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/	1 KB 1 KB	23ms 22ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5a8c5e3f64746d1db00030d5.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash b7e7b9c8edd9913f4a98b98fbff4682dd449ef00bd3a86dcc0927d72adc186b7 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:53 GMT server AkamaiNetStorage etag "c7543087ed4fdefda4a766885757e00d:1590528473.787223" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 803 expires Wed, 16 Dec 2020 00:44:24 GMT
GET H2	200	satellite-5ddedd5764746d6b9600aad8.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/	100 B 377 B	24ms 23ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5ddedd5764746d6b9600aad8.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash 2e329de0e0475a62506af99f796396397856330408813ca270bdfaf9d18fa5f2 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:51 GMT server AkamaiNetStorage etag "5c8e3a813a10538c0676004dccdfc0f5:1590528471.715782" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 108 expires Wed, 16 Dec 2020 00:44:24 GMT
GET H2	200	s-code-contents-39790b10fad536a5c349627f2f41dc67e22759ac.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/	208 KB 55 KB	34ms 33ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/s-code-contents-39790b10fad536a5c349627f2f41dc67e22759ac.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash abcfba06f845a74d9f7d76db8254d742846ac25fd6d2df27661ea71d4fcbba81 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:47 GMT server AkamaiNetStorage etag "3d3c7bfe9d100b085085e0e0aedb1f93:1590528467.539852" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * expires Wed, 16 Dec 2020 00:44:24 GMT
GET H2	200	s-code-contents-52841e203e41014e54e2bc77566c405e9d87d237.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/	76 KB 27 KB	26ms 26ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/s-code-contents-52841e203e41014e54e2bc77566c405e9d87d237.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash b8de8ac639fedbe6298c907ee5baceca9b0b271668d221391a4dc8aa889dce66 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:49 GMT server AkamaiNetStorage etag "7a4d60f4aff5864d3f43df13f1637223:1590528469.364848" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 26913 expires Wed, 16 Dec 2020 00:44:24 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	4 B 73 B	28ms 23ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2014454096&t=pageview&_s=1&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Loading...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1463138172&gjid=1880623294&cid=1329901490.1608075865&tid=UA-2595397-1&_gid=521652081.1608075865&_r=1&_slc=1&z=1012061419 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://apply.nbc-insurance.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	90 KB 24 KB	39ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5a72127364746d11b9000059.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23366 x-xss-protection 0 pragma public x-fb-debug rzXVIQrhlOIU//Y8PF7LQuIE/T06wZ2/6I9suSzl5nv0fvJze4i3mtJ/gcxQ6Q/Ican3BtIM1DTilHAeMHSaxA== x-fb-trip-id 436667874 x-frame-options DENY date Tue, 15 Dec 2020 23:44:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-Q050	200	activityi;dc_pre=CNCMwrWV0e0CFbfIuwgdbkgBLA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insura... 5357220.fls.doubleclick.net/ Frame 3E0E Redirect Chain https://5357220.fls.doubleclick.net/activityi;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insu... https://5357220.fls.doubleclick.net/activityi;dc_pre=CNCMwrWV0e0CFbfIuwgdbkgBLA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10...	0 0	199ms 97ms	Document text/html	172.217.23.102 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5357220.fls.doubleclick.net/activityi;dc_pre=CNCMwrWV0e0CFbfIuwgdbkgBLA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insurance:landing-page;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-5a8c5e3f64746d1db00030d5.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 5357220.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CNCMwrWV0e0CFbfIuwgdbkgBLA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insurance:landing-page;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://apply.nbc-insurance.ca/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://apply.nbc-insurance.ca/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Tue, 15 Dec 2020 23:44:24 GMT expires Tue, 15 Dec 2020 23:44:24 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 376 x-xss-protection 0 set-cookie IDE=AHWqTUkxrHWBUzxwabshmY8YtrcVHeJ86dwqwd67mo8V0PXyZcy5qYZ5VRqKBmJJ; expires=Thu, 15-Dec-2022 23:44:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Tue, 15 Dec 2020 23:44:24 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://5357220.fls.doubleclick.net/activityi;dc_pre=CNCMwrWV0e0CFbfIuwgdbkgBLA;src=5357220;type=bnc-d0;cat=bnc-d0;u1=;u2=;u3=;u4=en;u5=bna;u6=site;u7=personal;u8=;u9=nbc-insurance:landing-page;u10=;u11=;u12=;u13=;u14=;u19=nbc-insurance:landing-page;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	52ms 34ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=DC-9691230&l=cmPixel Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8846f66c9bb63872f1e0fecd10a9b31fe82188d18a5dc1816e7bcd3ee66a8536 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38968 x-xss-protection 0 last-modified Tue, 15 Dec 2020 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 15 Dec 2020 23:44:24 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 93 B	18ms 18ms	XHR text/plain	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-2595397-1&cid=1329901490.1608075865&jid=1463138172&gjid=1880623294&_gid=521652081.1608075865&_u=YGBACEAABAAAAC~&z=1706451588 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 15 Dec 2020 23:44:24 GMT content-type text/plain access-control-allow-origin https://apply.nbc-insurance.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	activityi;dc_pre=CPmQxbWV0e0CFayFgwcdGVwJyw;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID] 8392723.fls.doubleclick.net/ Frame C288 Redirect Chain https://8392723.fls.doubleclick.net/activityi;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]? https://8392723.fls.doubleclick.net/activityi;dc_pre=CPmQxbWV0e0CFayFgwcdGVwJyw;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]?	0 0	116ms 79ms	Document text/html	216.58.208.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://8392723.fls.doubleclick.net/activityi;dc_pre=CPmQxbWV0e0CFayFgwcdGVwJyw;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z4C66S Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s12-in-f38.1e100.net Software cafe / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 8392723.fls.doubleclick.net :scheme https :path /activityi;dc_pre=CPmQxbWV0e0CFayFgwcdGVwJyw;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://apply.nbc-insurance.ca/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://apply.nbc-insurance.ca/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Tue, 15 Dec 2020 23:44:24 GMT expires Tue, 15 Dec 2020 23:44:24 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 310 x-xss-protection 0 set-cookie IDE=AHWqTUkYT00L2w8sUK6mVE7w90HNJqPWCFYtx2d4aDkx7_pAh9HVcclMxrnenmB_; expires=Thu, 15-Dec-2022 23:44:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Tue, 15 Dec 2020 23:44:24 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://8392723.fls.doubleclick.net/activityi;dc_pre=CPmQxbWV0e0CFayFgwcdGVwJyw;src=8392723;type=pagev0;cat=pagev0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=[SessionID]? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	1783130221942772 Show response connect.facebook.net/signals/config/	25 KB 8 KB	270ms 269ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1783130221942772?v=2.9.30&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e279e2afe3b5d2326e0d14d4e9f01064a91f4d52345763d7008a4d179ccc9e62 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug PJx8Q6AO5kpLybJjsZyWhTMyGxG1KKBvDMbclbFhBGe8Y0yYowHM8TAarN+SQIdPgbdguC5KEu6sPBbktCA1Zw== x-fb-trip-id 436667874 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 15 Dec 2020 23:44:24 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-content-id 837147450 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	17ms 16ms	Image image/gif	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-2595397-1&cid=1329901490.1608075865&jid=1463138172&_u=YGBACEAABAAAAC~&z=158234169 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	18ms 17ms	Image image/gif	2a00:1450:4001:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-2595397-1&cid=1329901490.1608075865&jid=1463138172&_u=YGBACEAABAAAAC~&z=158234169 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	16ms 16ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-870131889&l=cmPixel&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=DC-9691230&l=cmPixel Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f52d0aa2c3c3dd0dfe5c1ee58a7200321e10cd7e8a93a9442ed68fc44ac340d7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:24 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38975 x-xss-protection 0 last-modified Tue, 15 Dec 2020 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 15 Dec 2020 23:44:24 GMT
GET H/1.1	200 OK	Cookie set dest5.html nationalbankofcanada.demdex.net/ Frame 63FE	0 0	245ms 43ms	Document text/html	18.202.27.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nationalbankofcanada.demdex.net/dest5.html?d_nsid=0 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.202.27.117 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-202-27-117.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Host nationalbankofcanada.demdex.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://apply.nbc-insurance.ca/ Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie demdex=13071634246463849883572973297223667329 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://apply.nbc-insurance.ca/ Response headers Accept-Ranges bytes Cache-Control max-age=21600 Content-Encoding gzip Content-Type text/html Expires Thu, 01 Jan 1970 00:00:00 GMT Last-Modified Wed, 25 Nov 2020 14:10:06 GMT P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Set-Cookie demdex=13071634246463849883572973297223667329;Path=/;Domain=.demdex.net;Expires=Sun, 13-Jun-2021 23:44:24 GMT;Max-Age=15552000;Secure;SameSite=None Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding, User-Agent X-TID MstNb8IGQUY= Content-Length 2785 Connection keep-alive
GET H2	200	id Show response nationalbankofcanada.d2.sc.omtrdc.net/	2 B 323 B	197ms 66ms	XHR application/x-javascript	15.237.136.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nationalbankofcanada.d2.sc.omtrdc.net/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=1E24776A524450D90A490D44%40AdobeOrg&mid=20016790447713169204067135298631845733&ts=1608075864762 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-237-136-106.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 15 Dec 2020 23:44:24 GMT x-content-type-options nosniff server jag xserver anedge-f7bfdfcfd-jczbp vary Origin x-c master-1404.I1e61f9.M0-468 p3p CP="This is not a P3P policy" access-control-allow-origin https://apply.nbc-insurance.ca cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-type application/x-javascript;charset=utf-8 content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=X9lKWAAAACDDpB_U dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=13071634246463849883572973297223667329 https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9lKWAAAACDDpB_U	42 B 915 B	62ms 60ms	Image image/gif	34.250.65.236 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9lKWAAAACDDpB_U Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.250.65.236 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-250-65-236.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers DCS dcs-prod-irl1-v086-0dc4ece31.edge-irl1.demdex.com 5.80.1.20201111130852 0ms (+1ms) Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-TID 4Q5c2oGvSs0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 42 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=X9lKWAAAACDDpB_U Date Tue, 15 Dec 2020 23:44:24 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	home-company-logo_en.505a84c3.png apply.nbc-insurance.ca/static/media/	61 KB 61 KB	127ms 125ms	Image image/png	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://apply.nbc-insurance.ca/static/media/home-company-logo_en.505a84c3.png Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash 6eb5fa7a6083e8a69b947ac0c6c6104d538a7ef1cd4515011374548e6e55074d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:25 GMT last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"f252-174fe61cb40" strict-transport-security max-age=15724800; includeSubDomains content-type image/png cache-control public, max-age=0 accept-ranges bytes content-length 62034
GET H2	200	headphones-customer-support.3105ab31.svg apply.nbc-insurance.ca/static/media/	949 B 748 B	128ms 126ms	Image image/svg+xml	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://apply.nbc-insurance.ca/static/media/headphones-customer-support.3105ab31.svg Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash ecdd3344822ac46f106751826997daac2cef139405685ee1d3436639efa8a92e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:25 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"1d7-174fe61cb40" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 strict-transport-security max-age=15724800; includeSubDomains accept-ranges bytes content-length 471
GET H2	200	arrow-right.6045641f.svg apply.nbc-insurance.ca/static/media/	1 KB 848 B	129ms 127ms	Image image/svg+xml	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://apply.nbc-insurance.ca/static/media/arrow-right.6045641f.svg Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash edf9b4b6f7554d1b096a4897af6a242ef4352a6e06bbc27e79ecf26e8bb7a057 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:25 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"23b-174fe61cb40" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 strict-transport-security max-age=15724800; includeSubDomains accept-ranges bytes content-length 571
GET DATA	200 OK	truncated /	911 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d2531b005307d09fe82446cb4d19aaef078fe9ad2dfbee79dfc140c0dc193b02 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	arrow.1e44e570.svg apply.nbc-insurance.ca/static/media/	388 B 549 B	129ms 128ms	Image image/svg+xml	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://apply.nbc-insurance.ca/static/media/arrow.1e44e570.svg Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash 8c87da2ffec8125653fb9c8a53ad128133f458998b13936cf876f45b7e7747f2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:25 GMT content-encoding gzip last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"110-174fe61cb40" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=0 strict-transport-security max-age=15724800; includeSubDomains accept-ranges bytes content-length 272
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c182e3eb7819ba1418974b63c4ea656c1fb619cb2ae13fa99453dea7fc1682ef Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7bb2bdb8399925961cca0a432a1a247d76b35b055c7f2276805cdd49c2e6b750 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	famille-heros.76d4d5d5.jpg apply.nbc-insurance.ca/static/media/	167 KB 168 KB	129ms 128ms	Image image/jpeg	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://apply.nbc-insurance.ca/static/media/famille-heros.76d4d5d5.jpg Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash eb388818ee57656a557473387cf791e4fdf3071f25061e8c1dec589011e2931b Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:25 GMT last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"29bba-174fe61cb40" strict-transport-security max-age=15724800; includeSubDomains content-type image/jpeg cache-control public, max-age=0 accept-ranges bytes content-length 170938
GET DATA	200 OK	truncated /	902 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e057636e683a54eb804483da9290e4021fcfa064bda5be975569e3168a0b8ba7 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 020dea12f80ab0775627e8b7914721f9b8cb22ad34543b0362315b7370fa6d51 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash badf404688753b4ac17ef40a86b28efacbe58f20c1207b2933c567e92b1fc656 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	home-background-desktop.4abdfd74.jpg apply.nbc-insurance.ca/static/media/	202 KB 203 KB	246ms 245ms	Image image/jpeg	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://apply.nbc-insurance.ca/static/media/home-background-desktop.4abdfd74.jpg Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash 449fe094b2c8f40f9300c363ec802b4cd931f82d8b56bd3da3d64e4fea92ee8d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:25 GMT last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"3297d-174fe61cb40" strict-transport-security max-age=15724800; includeSubDomains content-type image/jpeg cache-control public, max-age=0 accept-ranges bytes content-length 207229
GET H2	200	Korolev-Bold.f4e70f52.woff2 apply.nbc-insurance.ca/static/media/	17 KB 18 KB	244ms 243ms	Font font/woff2	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apply.nbc-insurance.ca/static/media/Korolev-Bold.f4e70f52.woff2 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash b79e154fe926a54bd6c28fef3085e5bbe012500dccf4725838ece9673f69b824 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Origin https://apply.nbc-insurance.ca Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:25 GMT last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"4500-174fe61cb40" strict-transport-security max-age=15724800; includeSubDomains content-type font/woff2 cache-control public, max-age=0 accept-ranges bytes content-length 17664
GET DATA	200 OK	truncated /	1 KB 1 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7cfc4cec708b3ef2763009b293e7b21286f9e8e3e833486c9346653f3c64b4d1 Request headers Origin https://apply.nbc-insurance.ca Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	Korolev-Medium.7908c08c.woff2 apply.nbc-insurance.ca/static/media/	17 KB 17 KB	256ms 255ms	Font font/woff2	35.203.11.179 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apply.nbc-insurance.ca/static/media/Korolev-Medium.7908c08c.woff2 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.203.11.179 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 179.11.203.35.bc.googleusercontent.com Software nginx/1.17.10 / Express Resource Hash c598f02b17d8faa93291d329176625fa7a4e7c1900c44d5b9d45941b752433f5 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Origin https://apply.nbc-insurance.ca Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:25 GMT last-modified Tue, 06 Oct 2020 14:47:36 GMT server nginx/1.17.10 x-powered-by Express etag W/"4404-174fe61cb40" strict-transport-security max-age=15724800; includeSubDomains content-type font/woff2 cache-control public, max-age=0 accept-ranges bytes content-length 17412
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v17/	14 KB 14 KB	10ms 9ms	Font font/woff2	2a00:1450:4001:825::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://apply.nbc-insurance.ca Referer https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 18:04:14 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:59 GMT server sffe age 538811 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14044 x-xss-protection 0 expires Thu, 09 Dec 2021 18:04:14 GMT
GET H2	200	json Show response nationalbankofcanada.tt.omtrdc.net/m2/nationalbankofcanada/mbox/	96 B 756 B	248ms 99ms	XHR application/json	34.241.211.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nationalbankofcanada.tt.omtrdc.net/m2/nationalbankofcanada/mbox/json?mbox=target-global-mbox&mboxSession=8c87bbd46aae47238938beb79ccc6bef&mboxPC=&mboxPage=0ac64384ecb046b6a9f6bfdec6bcd5ee&mboxVersion=1.2.2&mboxCount=1&mboxTime=1608079466303&mboxHost=apply.nbc-insurance.ca&mboxURL=https%3A%2F%2Fapply.nbc-insurance.ca%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=20016790447713169204067135298631845733&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCAVID=&mboxMCGLH=6&vst.trk=nationalbankofcanada.d2.sc.omtrdc.net&mboxMCSDID=2F21D9D80D78E9A5-035B355F74FB20BD&at_property=ef8ddf0c-9bd7-f8ce-8cf0-609dc4a64c00 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/static/js/2.07ce6a45.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.211.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-211-108.eu-west-1.compute.amazonaws.com Software / Resource Hash b4350269ed26a5fb8da17ff648e917575f48c3f641bf57a67ad27725b5c8868d Request headers Accept application/json Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT content-type application/json;charset=UTF-8 vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers p3p CP="NOI DSP CURa OUR STP COM" access-control-allow-origin https://apply.nbc-insurance.ca cache-control no-cache access-control-allow-credentials true timing-allow-origin * content-length 96 x-request-id 689d415cf2e6b2ec443a57b227af5916
GET H2	200	s56088897079316 Show response nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbcabnaproduction/10/JS-2.6.0-D7QN/	5 KB 5 KB	67ms 61ms	Script application/x-javascript	15.237.136.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nationalbankofcanada.d2.sc.omtrdc.net/b/ss/nbcabnaproduction/10/JS-2.6.0-D7QN/s56088897079316?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=16%2F11%2F2020%200%3A44%3A26%203%20-60&d.&nsid=0&jsonv=1&.d&sdid=2F21D9D80D78E9A5-035B355F74FB20BD&D=D%3D&mid=20016790447713169204067135298631845733&aamlh=6&ce=UTF-8&ns=nationalbankofcanada&cdp=2&fpCookieDomainPeriods=2&pageName=nbc-insurance%3Alanding-page&g=https%3A%2F%2Fapply.nbc-insurance.ca%2F&ch=nbc-insurance%3Alanding-page&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=landing-page&c2=D%3Dv2&c3=D%3Dv3&c4=D%3Dv4&c5=D%3Dv5&v5=nbc-insurance%3Alanding-page&c7=D%3Dv7&v7=https%3A%2F%2Fapply.nbc-insurance.ca%2F&c8=D%3Dv8&v8=en&c11=D%3Dv11&v11=12%3A30am&c12=D%3Dv12&v12=wednesday&c54=D%3Dv54&v54=apply.nbc-insurance.ca&c55=D%3Dv55&v55=nbc-insurance%3Alanding-page&c56=D%3Dv56&c75=D%3Dv75&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=1E24776A524450D90A490D44%40AdobeOrg&AQE=1 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/s-code-contents-52841e203e41014e54e2bc77566c405e9d87d237.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-237-136-106.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 0b8d09d552ae2f52b94551cf2b239b5caacea56313eb7ac24b20b7adb69c01e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-aam-tid ChMlV1ygScw= date Tue, 15 Dec 2020 23:44:26 GMT x-content-type-options nosniff x-c master-1404.I1e61f9.M0-468 p3p CP="This is not a P3P policy" content-length 5334 x-xss-protection 1; mode=block dcs dcs-prod-irl1-v086-08b9c1b58.edge-irl1.demdex.com 5.80.1.20201111130852 10ms (+0ms) pragma no-cache last-modified Wed, 16 Dec 2020 23:44:26 GMT server jag xserver anedge-f7bfdfcfd-xwzfj etag 3453316627063734272-4621796598698434426 vary * content-type application/x-javascript;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private expires Mon, 14 Dec 2020 23:44:26 GMT
GET H3-Q050	200	conversion_async.js Show response www.googleadservices.com/pagead/	30 KB 12 KB	16ms 15ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-870131889&l=cmPixel&cx=c Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:26 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 12175 x-xss-protection 0 server cafe etag 17536051821503146167 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 15 Dec 2020 23:44:26 GMT
GET H2	200	s56020117939625 ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/ Redirect Chain https://ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/s56020117939625?AQB=1&ndh=1&pf=1&t=16%2F11%2F2020%200%3A44%3A26%203%20-60&fid=5B9FE725F5397144-02958AEB701729C2&ce=UTF-8&ns=ingcanada&cd... https://ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/s56020117939625?AQB=1&pccr=true&vidn=2FECA52D0515AB44-40000943B60A5514&ndh=1&pf=1&t=16%2F11%2F2020%200%3A44%3A26%203%20-60&fid=5B9FE725F...	43 B 292 B	32ms 31ms	Image image/gif	15.237.76.117 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/s56020117939625?AQB=1&pccr=true&vidn=2FECA52D0515AB44-40000943B60A5514&ndh=1&pf=1&t=16%2F11%2F2020%200%3A44%3A26%203%20-60&fid=5B9FE725F5397144-02958AEB701729C2&ce=UTF-8&ns=ingcanada&cdp=2&pageName=nb%3A&g=https%3A%2F%2Fapply.nbc-insurance.ca%2F&cc=CAD&server=apply.nbc-insurance.ca&events=event7&h1=D%3DpageName&c7=no%20province%20specified&v7=D%3Dc7&c8=tuesday-6%3A44pm&v8=D%3Dc8&v9=D%3Dc13&c13=no%20language%20specified&c31=new%7Cfirst%20visit%7C1&c34=anonymous%7Canonymous&c39=D%3Dg&c40=D%3DpageName%2B%22%28%22%2Bc13%2B%22%29%22&v40=D%3Dg&c41=D%3DpageName%2B%22%28%22%2Bc7%2B%22%29%22&v41=D%3Dc31&v44=D%3Dc34&c50=ATM%2F_bda%5B2.25%3AND%3A2015-05-05%5D%2Fmap%5B1.7%3AWY%3A2017-02-21%5D&v50=D%3DpageName&v51=D%3DpageName&v55=D%3Dc55&v61=typed%2Fbookmarked&v63=typed%2Fbookmarked&v65=D%3Dv64&v67=typed%2Fbookmarked&v68=D%3Dv67&v69=typed%2Fbookmarked&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-237-76-117.eu-west-3.compute.amazonaws.com Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:26 GMT x-content-type-options nosniff x-c master-1404.I1e61f9.M0-468 p3p CP="This is not a P3P policy" content-length 43 x-xss-protection 1; mode=block pragma no-cache last-modified Wed, 16 Dec 2020 23:44:26 GMT server jag xserver anedge-f7bfdfcfd-zhkkx etag 3453316627063734272-4621864209217701502 vary * content-type image/gif;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, max-age=0, no-transform, private expires Mon, 14 Dec 2020 23:44:26 GMT Redirect headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT x-content-type-options nosniff last-modified Wed, 16 Dec 2020 23:44:26 GMT server jag access-control-allow-origin * xserver anedge-f7bfdfcfd-2nnf6 x-c master-1404.I1e61f9.M0-468 p3p CP="This is not a P3P policy" location https://ingcanada.112.2o7.net/b/ss/intactbnagprod/1/JS-1.5.3/s56020117939625?AQB=1&pccr=true&vidn=2FECA52D0515AB44-40000943B60A5514&ndh=1&pf=1&t=16%2F11%2F2020%200%3A44%3A26%203%20-60&fid=5B9FE725F5397144-02958AEB701729C2&ce=UTF-8&ns=ingcanada&cdp=2&pageName=nb%3A&g=https%3A%2F%2Fapply.nbc-insurance.ca%2F&cc=CAD&server=apply.nbc-insurance.ca&events=event7&h1=D%3DpageName&c7=no%20province%20specified&v7=D%3Dc7&c8=tuesday-6%3A44pm&v8=D%3Dc8&v9=D%3Dc13&c13=no%20language%20specified&c31=new%7Cfirst%20visit%7C1&c34=anonymous%7Canonymous&c39=D%3Dg&c40=D%3DpageName%2B%22%28%22%2Bc13%2B%22%29%22&v40=D%3Dg&c41=D%3DpageName%2B%22%28%22%2Bc7%2B%22%29%22&v41=D%3Dc31&v44=D%3Dc34&c50=ATM%2F_bda%5B2.25%3AND%3A2015-05-05%5D%2Fmap%5B1.7%3AWY%3A2017-02-21%5D&v50=D%3DpageName&v51=D%3DpageName&v55=D%3Dc55&v61=typed%2Fbookmarked&v63=typed%2Fbookmarked&v65=D%3Dv64&v67=typed%2Fbookmarked&v68=D%3Dv67&v69=typed%2Fbookmarked&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 cache-control no-cache, no-store, max-age=0, no-transform, private content-type text/plain;charset=utf-8 content-length 0 x-xss-protection 1; mode=block expires Mon, 14 Dec 2020 23:44:26 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 257 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1783130221942772&ev=PageView&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&rl=&if=false&ts=1608075866569&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=28&fbp=fb.1.1608075866562.1102844653&it=1608075864690&coo=false&rqm=GET Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:26 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 15 Dec 2020 23:44:26 GMT
GET H3-Q050	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1001 B	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:08:21 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 2165 vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 expires Wed, 16 Dec 2020 00:08:21 GMT
GET H2	200	315469978858251 Show response connect.facebook.net/signals/config/	25 KB 7 KB	59ms 59ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/315469978858251?v=2.9.30&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a0c5b46bdf1bc61dee7b2de89978afcc71eaf458bfa07cbaabffef7542c28db5 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug S/Ochn68uLNR4d1dvCUVb7GnotugkF/hxcJCV/nN+kqiHrSP2WZWLDHEf2ettkEBUjgtIhTvap6K7cESRvyePA== x-fb-trip-id 436667874 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 15 Dec 2020 23:44:26 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-content-id 414786422 expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	p Show response api.segment.io/v1/	21 B 147 B	647ms 198ms	XHR application/json	54.68.60.138 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/static/js/2.07ce6a45.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.68.60.138 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-68-60-138.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://apply.nbc-insurance.ca date Tue, 15 Dec 2020 23:44:27 GMT content-length 21 vary Origin content-type application/json
GET H3-Q050	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/870131889/	2 KB 1 KB	72ms 72ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/870131889/?random=1608075866787&cv=9&fst=1608075866787&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 221add3523423763a5b53d1197591de50beec85702fca547329a89cf389a8368 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1047 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	amplitude-5.2.2-min.gz.js Show response cdn.amplitude.com/libs/	54 KB 18 KB	168ms 92ms	Script application/javascript	143.204.214.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/pQBvzP5jquzXPzh2OlVbEmNGRtNKSlEm/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.214.148 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-214-148.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 25 Nov 2020 03:10:03 GMT content-encoding gzip age 1802063 x-cache Hit from cloudfront content-length 17889 access-control-allow-origin * last-modified Mon, 21 Oct 2019 15:45:34 GMT server AmazonS3 etag "b568e7b3c9d94da6a1d4845b18400f7a" x-amz-version-id aZB1RIRJqET7nosqRtOBVideRuh0jIV6 via 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id GY_AfwuGHn4ReeKjaN7FGn4g9Ejkweof-eF62sCVwHbPlj_GEMW7EQ==
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	40 KB 13 KB	166ms 90ms	Script text/javascript	2.18.233.40 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/pQBvzP5jquzXPzh2OlVbEmNGRtNKSlEm/analytics.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-40.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4 Content-Encoding gzip ETag "0aed5b94bc26ce0fe9e58d25dd314418" x-amz-request-id A153E367E4F64E44 x-amz-server-side-encryption AES256 Connection keep-alive Vary Accept-Encoding Content-Length 12695 x-amz-id-2 1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo= Last-Modified Thu, 10 Dec 2020 18:09:34 GMT Server AmazonS3 Date Tue, 15 Dec 2020 23:44:26 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	bat.js Show response bat.bing.com/	27 KB 9 KB	66ms 43ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/pQBvzP5jquzXPzh2OlVbEmNGRtNKSlEm/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:26 GMT content-encoding gzip last-modified Tue, 20 Oct 2020 22:19:32 GMT x-msedge-ref Ref A: E5172FC8E15B4BAC95F23237D7A76C4B Ref B: FRAEDGE1414 Ref C: 2020-12-15T23:44:26Z etag "0b27f152fa7d61:0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 accept-ranges bytes content-length 8454
GET H2	200	/ cx.atdmt.com/ Redirect Chain https://www.facebook.com/tr/?id=1783130221942772&ev=PageView&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&rl=&if=false&ts=1608075866809&sw=1600&sh=1200&v=2.9.30&r=stable&a=seg&ec=1&o=28&fbp=fb.1.1608... https://cx.atdmt.com/?c=14817184135660154719&f=AYyjPPfUJMW6mgoVSTZ42FYbVG9EoNSlbsNVmEWOLXsAs_V8G1JyIpdlvtz2kwmeAfRYkcM6-1b9aYPEVgDBN2q_&id=1783130221942772&l=3&v=0	43 B 636 B	142ms 89ms	Image image/gif	2a03:2880:f02d:5:face:b00c:0:8c FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://cx.atdmt.com/?c=14817184135660154719&f=AYyjPPfUJMW6mgoVSTZ42FYbVG9EoNSlbsNVmEWOLXsAs_V8G1JyIpdlvtz2kwmeAfRYkcM6-1b9aYPEVgDBN2q_&id=1783130221942772&l=3&v=0 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public x-fb-debug PLYgCinJBgCjW2Xu7Kz7PTg+zgwDVofa3Zy1stDy2Fz9TYpKTpujjcfBANx+8WJjz2kPadapI3CalrLNYwiF/Q== content-encoding br x-content-type-options nosniff cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 15 Dec 2020 15:44:26 PST x-frame-options DENY report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type image/gif cache-control public, max-age=0 cross-origin-resource-policy cross-origin vary Accept-Encoding expires Tue, 15 Dec 2020 15:44:26 PST Redirect headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT server proxygen-bolt content-type text/plain location https://cx.atdmt.com/?c=14817184135660154719&f=AYyjPPfUJMW6mgoVSTZ42FYbVG9EoNSlbsNVmEWOLXsAs_V8G1JyIpdlvtz2kwmeAfRYkcM6-1b9aYPEVgDBN2q_&id=1783130221942772&l=3&v=0 cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0 expires 0
GET H2	200	/ www.facebook.com/tr/	44 B 101 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=315469978858251&ev=PageView&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&rl=&if=false&ts=1608075866810&sw=1600&sh=1200&v=2.9.30&r=stable&a=seg&ec=0&o=28&fbp=fb.1.1608075866562.1102844653&it=1608075864690&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:26 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 15 Dec 2020 23:44:26 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 109 B	8ms 7ms	Image image/gif	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=2014454096&t=pageview&_s=2&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjBAAAAC~&jid=&gjid=&cid=1329901490.1608075865&tid=UA-2595397-1&_gid=521652081.1608075865&z=333541189 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 15:18:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 30336 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ Show response www.googleadservices.com/pagead/conversion/819651208/	2 KB 1 KB	42ms 41ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/819651208/?random=1608075866813&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 652301162f4408f9de1ca35dae9b41c89afd848210b31d852676bd8ed8eba0d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1069 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/819651208/	2 KB 1 KB	51ms 50ms	Script text/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819651208/?random=1608075866820&cv=9&fst=1608075866820&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DTerm%20Life%20Insurance%20%7C%20National%20Bank%20Insurance%3Burl%3Dhttps%3A%2F%2Fapply.nbc-insurance.ca%2F&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4f95b9bdfbad48776d37defb17a4b5ad19ac74fb1aad46c778c3842ea5a1da84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1056 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.de/pagead/1p-conversion/819651208/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/819651208/?random=227185916&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24... https://www.google.com/pagead/1p-conversion/819651208/?random=227185916&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_ja... https://www.google.de/pagead/1p-conversion/819651208/?random=227185916&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_jav...	42 B 89 B	70ms 70ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/819651208/?random=227185916&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=WkrZX-TGMo2I3wOS05aACw&cid=CAQSKQCNIrLMt347PVC-yn8Fn80bLoQSwEuuRLDoBY8cnWgabO7f1CWCSKNF&random=792797542&resp=GooglemKTybQhCsO&ipr=y Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 15 Dec 2020 23:44:27 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-conversion/819651208/?random=227185916&cv=9&fst=1608075866813&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=WkrZX-TGMo2I3wOS05aACw&cid=CAQSKQCNIrLMt347PVC-yn8Fn80bLoQSwEuuRLDoBY8cnWgabO7f1CWCSKNF&random=792797542&resp=GooglemKTybQhCsO&ipr=y cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.com/pagead/1p-user-list/870131889/	42 B 89 B	22ms 18ms	Image image/gif	2a00:1450:4001:814::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/870131889/?random=1608075866787&cv=9&fst=1608073200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=2635767955&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.de/pagead/1p-user-list/870131889/	42 B 89 B	23ms 19ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/870131889/?random=1608075866787&cv=9&fst=1608073200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=2635767955&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	0 bat.bing.com/action/	0 148 B	84ms 83ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=28000217&Ver=2&mid=6d28f48e-c3b6-4179-9e3e-a6f526fd7bbe&sid=77acf2303f2f11ebaf829d1433cbd68d&vid=77ad0cc03f2f11eba13e3bc0af10e7b5&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&p=https%3A%2F%2Fapply.nbc-insurance.ca%2F&r=&lt=2822&evt=pageLoad&msclkid=N&sv=1&rn=510157 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT cache-control no-cache, must-revalidate x-msedge-ref Ref A: 5DE4A613AC10493C825A738352EF952D Ref B: FRAEDGE1414 Ref C: 2020-12-15T23:44:26Z expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.com/pagead/1p-user-list/819651208/	42 B 66 B	80ms 80ms	Image image/gif	2a00:1450:4001:814::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/819651208/?random=1608075866820&cv=9&fst=1608073200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DTerm%20Life%20Insurance%20%7C%20National%20Bank%20Insurance%3Burl%3Dhttps%3A%2F%2Fapply.nbc-insurance.ca%2F&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=1674827304&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ www.google.de/pagead/1p-user-list/819651208/	42 B 66 B	81ms 80ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/819651208/?random=1608075866820&cv=9&fst=1608073200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DTerm%20Life%20Insurance%20%7C%20National%20Bank%20Insurance%3Burl%3Dhttps%3A%2F%2Fapply.nbc-insurance.ca%2F&frm=0&url=https%3A%2F%2Fapply.nbc-insurance.ca%2F&tiba=Term%20Life%20Insurance%20%7C%20National%20Bank%20Insurance&async=1&fmt=3&is_vtc=1&random=1674827304&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ Show response api.amplitude.com/	7 B 168 B	736ms 230ms	XHR text/html	52.88.251.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.amplitude.com/ Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/static/js/2.07ce6a45.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.251.52 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-251-52.us-west-2.compute.amazonaws.com Software / Resource Hash aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers access-control-allow-origin * date Tue, 15 Dec 2020 23:44:27 GMT content-length 7 strict-transport-security max-age=15768000 access-control-allow-methods GET, POST content-type text/html;charset=utf-8
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/EX76L7I6JVDGRDLV4P2AMG/index.js https://s.adroll.com/j/exp/index.js	28 B 747 B	79ms 78ms	Script application/javascript	2.18.233.40 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-40.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id NRd5BJy3mTVGILCcmBdUI4KKHh2sq935 Content-Encoding gzip ETag "5816cced8568d223aa09d889f300692b" x-amz-request-id 7W9WAWDN1PDJ9K6T x-amz-server-side-encryption AES256 Connection keep-alive Vary Accept-Encoding Content-Length 48 x-amz-id-2 NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE= Last-Modified Wed, 02 Dec 2020 20:19:48 GMT Server AmazonS3 Date Tue, 15 Dec 2020 23:44:27 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * Redirect headers Date Tue, 15 Dec 2020 23:44:27 GMT Server AkamaiGHost Location https://s.adroll.com/j/exp/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Connection keep-alive Access-Control-Allow-Headers * Content-Length 0
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/	0 773 B	289ms 208ms	Script text/javascript	2.18.233.40 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-40.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id lCC46KVmLbsmadFZ2hXbhuxiaR4t47Ah Content-Encoding gzip ETag "d41d8cd98f00b204e9800998ecf8427e" x-amz-request-id 02AF293657AACC77 x-amz-server-side-encryption AES256 Connection keep-alive Vary Accept-Encoding Content-Length 20 x-amz-id-2 Ku5q74RR5hMdQQkkdcEXZCBLwaRpXI+RO4MNISWdV1EZ8LEnGwSyMVg7eq82VH30JKkptIbsSUI= Last-Modified Mon, 14 Dec 2020 23:03:56 GMT Server AmazonS3 Date Tue, 15 Dec 2020 23:44:27 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	/ Show response d.adroll.com/consent/check/EX76L7I6JVDGRDLV4P2AMG/ Redirect Chain https://d.adroll.mgr.consensu.org/consent/iabcheck/EX76L7I6JVDGRDLV4P2AMG?_s=13cc629129c76d758282ce7124c20d90&_b=2 https://d.adroll.com/consent/check/EX76L7I6JVDGRDLV4P2AMG/?_s=13cc629129c76d758282ce7124c20d90&_b=2	393 B 862 B	148ms 42ms	Script application/javascript	52.51.179.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/EX76L7I6JVDGRDLV4P2AMG/?_s=13cc629129c76d758282ce7124c20d90&_b=2 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.179.214 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-179-214.eu-west-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash 1223d0e5aa86c49b238a3dbd1d886521324afcf32616b7af438fc2e3597cbe1d Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:27 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.18.0 content-type application/javascript content-length 393 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" Redirect headers location https://d.adroll.com/consent/check/EX76L7I6JVDGRDLV4P2AMG/?_s=13cc629129c76d758282ce7124c20d90&_b=2 date Tue, 15 Dec 2020 23:44:27 GMT server nginx/1.18.0 content-length 105
GET H/1.1	200 OK	NFXO64YS4VGX7ISTODZOX2.js Show response s.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/ Redirect Chain https://d.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&pv=2753094514.3759313&cookie=&adroll_s_ref=&keyw= https://s.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/NFXO64YS4VGX7ISTODZOX2.js	3 KB 2 KB	275ms 274ms	Script text/javascript	2.18.233.40 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/NFXO64YS4VGX7ISTODZOX2.js Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-233-40.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash f5a5e1f929ec8bd4d95634e368507fbbbbf847a9c1120cea4ca69ddcd68f89ff Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id IOY9DcbWN0GL3rLq0TlvWsSee4Nm7qsr Content-Encoding gzip ETag "8a6baec8407e5904d164f2b9fcb2644a" x-amz-request-id 868387EB660E90DC x-amz-server-side-encryption AES256 Connection keep-alive Vary Accept-Encoding Content-Length 1353 x-amz-id-2 KXrdbh5lGUEnYhxr5WKBErutqwnCZe7ox+bLJ6o9beeWxbXgkx14LzOrCysrJI22IuOk5PBG1dM= Last-Modified Wed, 09 Dec 2020 00:01:43 GMT Server AmazonS3 Date Tue, 15 Dec 2020 23:44:27 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * Redirect headers pragma no-cache x-conversion-value 0.00 server nginx/1.18.0 x-rule * date Tue, 15 Dec 2020 23:44:27 GMT x-segment-eid NFXO64YS4VGX7ISTODZOX2 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://s.adroll.com/pixel/EX76L7I6JVDGRDLV4P2AMG/J3B2Y3Y6LVGEHJM2VNGBFL/NFXO64YS4VGX7ISTODZOX2.js cache-control no-store, no-cache, must-revalidate x-segment-display-name Visitors to Unsegmented Pages x-pixel-eid J3B2Y3Y6LVGEHJM2VNGBFL x-segment-name * x-advertisable-eid EX76L7I6JVDGRDLV4P2AMG content-length 0 x-conversion-currency
GET H2	200	163945267582337 Show response connect.facebook.net/signals/config/	238 KB 69 KB	86ms 85ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/163945267582337?v=2.9.30&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d91bbc27d7db337090bfdf5e46ad2bd30cd72148ea890b31ab6a45b17bc75804 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug xJalPuN62vXoyQjmhXcPAA6pGo+cCohe3OaILG0z6ocE827GwmsvY04J9kVUggPuDEpHVIFIi5wuSiTnk/efDg== x-fb-trip-id 436667874 x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 15 Dec 2020 23:44:28 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-content-id 1680058356 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	in d.adroll.com/cm/r/ Redirect Chain https://d.adroll.com/cm/r/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA	42 B 501 B	42ms 42ms	Image image/gif	52.51.179.214 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.179.214 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-179-214.eu-west-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:28 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.18.0 content-type image/gif content-length 42 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" Redirect headers date Tue, 15 Dec 2020 23:44:28 GMT referrer-policy no-referrer-when-downgrade server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 p3p policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" location https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff
GET H2	200	sync x.bidswitch.net/ul_cb/ Redirect Chain https://d.adroll.com/cm/b/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG https://x.bidswitch.net/sync?dsp_id=44&user_id=MDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA	43 B 412 B	26ms 26ms	Image image/gif	52.29.191.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.29.191.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-191-126.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:28 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers location https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA date Tue, 15 Dec 2020 23:44:28 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	200 OK	bounce ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG https://ib.adnxs.com/setuid?entity=172&code=MDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA	43 B 1 KB	38ms 36ms	Image image/gif	185.33.220.242 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Dec 2020 23:44:28 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.79:80 AN-X-Request-Uuid 010ed3fc-c9b8-4fa2-814d-de11b9909cfb Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 15 Dec 2020 23:44:28 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.111:80 AN-X-Request-Uuid feb8dfc8-736e-4c44-a20e-91589f53fd57 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMDUwNDA0NDY1YTQ3YjcyZDg5NmY4NDM1ZjkwYWRlNTA Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	451	377928.gif idsync.rlcdn.com/ Redirect Chain https://d.adroll.com/cm/l/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG https://idsync.rlcdn.com/377928.gif?partner_uid=050404465a47b72d896f8435f90ade50	0 66 B	73ms 33ms	Image text/plain	34.120.207.148 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/377928.gif?partner_uid=050404465a47b72d896f8435f90ade50 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.207.148 , United States, ASN15169 (GOOGLE, US), Reverse DNS 148.207.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:28 GMT via 1.1 google alt-svc clear content-length 0 Redirect headers location https://idsync.rlcdn.com/377928.gif?partner_uid=050404465a47b72d896f8435f90ade50 pragma no-cache date Tue, 15 Dec 2020 23:44:27 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.18.0 content-length 86 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG https://us-u.openx.net/w/1.0/sd?id=537103138&val=050404465a47b72d896f8435f90ade50 https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=050404465a47b72d896f8435f90ade50	43 B 122 B	26ms 26ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=050404465a47b72d896f8435f90ade50 Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 , United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.199.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:28 GMT via 1.1 google server OXGW/16.199.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=050404465a47b72d896f8435f90ade50 date Tue, 15 Dec 2020 23:44:28 GMT via 1.1 google server OXGW/16.199.0 alt-svc clear content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?arrfrr=https%3A%2F%2Fapply.nbc-insurance.ca%2F&xid_ch=f&advertisable=EX76L7I6JVDGRDLV4P2AMG&google_nid=adroll5 https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=BQQERlpHty2Jb4Q1-QreUA https://d.adroll.com/cm/g/in	42 B 538 B	43ms 43ms	Image image/gif	52.51.179.214 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.179.214 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-179-214.eu-west-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 15 Dec 2020 23:44:28 GMT server nginx/1.18.0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cache-control no-store, no-cache, must-revalidate content-type image/gif content-length 42 x-result g.-1.-1.-1 Redirect headers pragma no-cache date Tue, 15 Dec 2020 23:44:28 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://d.adroll.com/cm/g/in cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 225 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 148 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1783130221942772&ev=PageView&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&rl=&if=false&ts=1608075868051&cd[segment_eid]=NFXO64YS4VGX7ISTODZOX2&sw=1600&sh=1200&v=2.9.30&r=stable&a=seg&ec=2&o=28&fbp=fb.1.1608075868049.1803191398&it=1608075864690&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:28 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 15 Dec 2020 23:44:28 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 102 B	7ms 7ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=315469978858251&ev=PageView&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&rl=&if=false&ts=1608075868052&cd[segment_eid]=NFXO64YS4VGX7ISTODZOX2&sw=1600&sh=1200&v=2.9.30&r=stable&a=seg&ec=1&o=28&fbp=fb.1.1608075868049.1803191398&it=1608075864690&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:28 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 15 Dec 2020 23:44:28 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 102 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=163945267582337&ev=PageView&dl=https%3A%2F%2Fapply.nbc-insurance.ca%2F&rl=&if=false&ts=1608075868053&cd[segment_eid]=NFXO64YS4VGX7ISTODZOX2&sw=1600&sh=1200&v=2.9.30&r=stable&a=seg&ec=0&o=29&fbp=fb.1.1608075868049.1803191398&it=1608075864690&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET Requested by Host: apply.nbc-insurance.ca URL: https://apply.nbc-insurance.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:28 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Tue, 15 Dec 2020 23:44:28 GMT
GET H2	200	satellite-566999dd64746d571e005567.js Show response assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/	3 KB 2 KB	13ms 12ms	Script application/x-javascript	2a02:26f0:6c00:28a::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/scripts/satellite-566999dd64746d571e005567.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/58a1d39ae7dbd9ad6d68fd7a2e33a92917d9261c/satelliteLib-23f9eeb04eeb4bd02e31d36e3ed3825c4d8105ae.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software AkamaiNetStorage / Resource Hash adaf34c13d2096235a9ce5e84a9df0ae087691860672e9c0f3dd8121e947f730 Request headers Referer https://apply.nbc-insurance.ca/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 15 Dec 2020 23:44:28 GMT content-encoding gzip last-modified Tue, 26 May 2020 21:27:57 GMT server AkamaiNetStorage etag "b669b79df6cfab1374802de160b6b14e:1590528477.813592" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://apply.nbc-insurance.ca cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 1649 expires Wed, 16 Dec 2020 00:44:28 GMT