www.aviva.ca Open in urlscan Pro
23.9.178.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://insurance.aviva.ca/
Effective URL:
https://www.aviva.ca/en/direct/
Submission: On October 21 via manual (October 21st 2024, 1:49:27 pm UTC) from US — Scanned from CA

Summary HTTP 105 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 105 HTTP transactions. The main IP is 23.9.178.244, located in United States and belongs to AKAMAI-AS, US. The main domain is www.aviva.ca.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on August 9th 2024. Valid for: 9 months.

This is the only time www.aviva.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 39	23.9.178.244 23.9.178.244	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	23.9.178.162 23.9.178.162	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:1408:ec0... 2600:1408:ec00:88a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
105	7

1 104.17.72.206 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

insurance.aviva.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 23.9.178.244 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-178-244.deploy.static.akamaitechnologies.com

www.aviva.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 23.9.178.162 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-178-162.deploy.static.akamaitechnologies.com

cdn.aviva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1408:ec00:88a::1e80 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	aviva.com cdn.aviva.com — Cisco Umbrella Rank: 389038	265 KB
40	aviva.ca 2 redirects insurance.aviva.ca www.aviva.ca	465 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	167 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	135 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	295 B
105	6

	Domain	Requested by
48	cdn.aviva.com	www.aviva.ca cdn.aviva.com
39	www.aviva.ca	1 redirects www.aviva.ca cdn.aviva.com
11	cdn.cookielaw.org	www.aviva.ca cdn.cookielaw.org
5	assets.adobedtm.com	www.aviva.ca assets.adobedtm.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	insurance.aviva.ca	1 redirects
105	7

This site contains links to these domains. Also see Links.

Domain
www.nationalhomewarranty.com
myaviva.avivainsurance.ca
www.ontario.ca
insurance.aviva.ca
www.aviva.com
partner.aviva.ca
www.facebook.com
twitter.com
ca.linkedin.com
www.youtube.com
www.equiteassociation.com
www.onetrust.com

Subject Issuer	Validity	Valid
cert01.ca.aviva.com Sectigo RSA Extended Validation Secure Server CA	`2024-08-09` - `2025-05-08`	9 months	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
cert02.uk.aviva.com Sectigo RSA Extended Validation Secure Server CA	`2024-09-30` - `2025-09-30`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2024-10-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.aviva.ca/en/direct/
Frame ID: 62DFFE7A36B872F783249B12B8F78D4C
Requests: 107 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Car and Home Insurance Online with Aviva Direct

Page URL History Show full URLs

http://insurance.aviva.ca/ HTTP 307
https://insurance.aviva.ca/ HTTP 302
https://www.aviva.ca/en/direct HTTP 301
https://www.aviva.ca/en/direct/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

105
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1103 kB
Transfer

3670 kB
Size

9
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nationalhomewarranty.com/tools/claims.html
Title: Home Warranty Insurance Claim

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/claims/make-a-claim/landing?pid=pro-per-per-clm&adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1729518552
Title: Submit a claim

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/MyAccount/login?adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1729518552
Title: Access MyAviva

Search URL Search Domain Scan URL

URL: https://www.ontario.ca/page/get-driving-record
Title: driver’s licence history

Search URL Search Domain Scan URL

URL: https://insurance.aviva.ca/property-insurance-ontario?cmp=sem-aut-goo-srp-inh-avi&gad=1&gclid=CjwKCAjwgZCoBhBnEiwAz35RwjFQGfmhkP41DWIXxfXW0fUvucahmmLi0VEX1od4sA7hPKpjBiFwuhoCcR4QAvD_BwE&gclsrc=aw.ds#fn-lnk**
Title: Get a quote

Search URL Search Domain Scan URL

URL: https://www.aviva.com/
Title: Aviva plc, corporate website

Search URL Search Domain Scan URL

URL: https://partner.aviva.ca/login/
Title: Aviva Partner

Search URL Search Domain Scan URL

URL: https://www.nationalhomewarranty.com/
Title: Home Warranty Insurance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AvivaCanada/
Title: Follow Us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/AvivaCanada
Title: Follow Us on Twitter

Search URL Search Domain Scan URL

URL: https://ca.linkedin.com/company/aviva-canada
Title: Follow Us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/avivacanada
Title: Follow Us on Youtube

Search URL Search Domain Scan URL

URL: https://www.equiteassociation.com/

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://insurance.aviva.ca/ HTTP 307
https://insurance.aviva.ca/ HTTP 302
https://www.aviva.ca/en/direct HTTP 301
https://www.aviva.ca/en/direct/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.aviva.ca/en/direct/
Redirect Chain

http://insurance.aviva.ca/
https://insurance.aviva.ca/
https://www.aviva.ca/en/direct
https://www.aviva.ca/en/direct/

123 KB
23 KB

629ms
541ms

Document
text/html

23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

3bfb8b7a88db8db8144b8002735f0b1186f9b8044cd7a607ffe9b71f76b6f5e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 21338
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
content-type: text/html; charset=UTF-8
date: Mon, 21 Oct 2024 13:49:09 GMT
etag: "1eb63-624f56235823d-gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Mon, 21 Oct 2024 04:49:53 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-akamai-transformed: 9 21110 0 pmb=mTOE,2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 239
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
content-type: text/html; charset=iso-8859-1
date: Mon, 21 Oct 2024 13:49:08 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.aviva.ca/en/direct/
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 1018ms
56ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCEDAD087F157F
x-ms-lease-status: unlocked
age: 68184
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 18:52:46 GMT
date: Mon, 21 Oct 2024 13:49:10 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 06:37:40 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ca0be203-601e-00f9-010e-20596a000000
cf-ray: 8d61b59dfacca2af-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 normalize.css
cdn.aviva.com/static/core/v.3.3.0/css/vendor/normalize/ 2 KB
1 KB 1141ms
167ms Stylesheet
text/css 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/vendor/normalize/normalize.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

80bc044677cf80929d5d037919a68e2040d0b3632f80340b418a29fc8f5baaff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:10 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 897
date: Mon, 21 Oct 2024 13:49:10 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 postcss-split1.css
cdn.aviva.com/static/core/v.3.3.0/css/ 250 KB
21 KB 1140ms
166ms Stylesheet
text/css 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

1bc9542c1c8c760c1561163c13a4a74dca5335392f2844c2273f20e8a92e8ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:10 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21579
date: Mon, 21 Oct 2024 13:49:10 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 postcss-split2.css
cdn.aviva.com/static/core/v.3.3.0/css/ 309 KB
22 KB 1097ms
124ms Stylesheet
text/css 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d9addbda55aa12a20367b4afb563f3516b4db50edb4437de62e2704a6dcfa32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:10 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22286
date: Mon, 21 Oct 2024 13:49:10 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 postcss-split.css
cdn.aviva.com/static/core/v.3.3.0/css/ 337 KB
39 KB 1068ms
96ms Stylesheet
text/css 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

ea681f855f779432a5b2cbb5ff740b95a533c3731d0d66281c8b03567da00a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:10 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39450
date: Mon, 21 Oct 2024 13:49:10 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 core.min.css
www.aviva.ca/etc/designs/aviva-public/1.49.2/css/ 199 KB
31 KB 352ms
310ms Stylesheet
text/css 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec92ce4898b64554e8af26eed6b09024f152008f2f64affe6c300dbfbb8f0e75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "31a12-6216a25541dd2-gzip"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 13:49:10 GMT
date: Mon, 21 Oct 2024 13:49:10 GMT
last-modified: Fri, 06 Sep 2024 02:27:16 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30603
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 2
x-edgeconnect-origin-mex-latency: 124

GET
H2 200 aviva-modal.css
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 19 KB
6 KB 310ms
284ms Stylesheet
text/css 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/aviva-modal.css?v=2024.09.05-2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

1a0948e98160002a3b821cd4cf703fea9eda4b847fc828fee905aeca128c0204

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "4db9-6216a1923017f-gzip"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 13:49:10 GMT
date: Mon, 21 Oct 2024 13:49:10 GMT
last-modified: Fri, 06 Sep 2024 02:23:52 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4919
x-xss-protection: 1; mode=block

GET
H2 200 global-overrides.css
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 66 KB
10 KB 311ms
285ms Stylesheet
text/css 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

98348dab3a9c47f21b6a09f2777e6f35a8063f5190230081fd78723742248ade

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "108f3-6216a1928566a-gzip"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 13:49:10 GMT
date: Mon, 21 Oct 2024 13:49:10 GMT
last-modified: Fri, 06 Sep 2024 02:23:52 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9304
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 3
x-edgeconnect-origin-mex-latency: 750

GET
H2 200 modernizr-3.3.1.min.js Show response
www.aviva.ca/etc/designs/aviva-public/vendor/js/core/ 9 KB
5 KB 340ms
317ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/vendor/js/core/modernizr-3.3.1.min.js?v=2021.02.19

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd46dab6d4bbf6444c64c44318834c53d80fcd0547ed1f88a04576d41aa112ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "2468-6216a1926664c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:12 GMT
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Fri, 06 Sep 2024 02:23:52 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=1
accept-ranges: bytes
content-length: 3980
x-xss-protection: 1; mode=block

GET
H2 200 launch-76e68f2dde59.min.js Show response
assets.adobedtm.com/cb3f8d042d56/2daa76811d16/ 498 KB
120 KB 390ms
60ms Script
application/x-javascript 2600:1408:ec00:88a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Requested by: Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:88a::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1c391d65fdfecb14749faa25a105c5c05a3fe9832426a70ead84dd76e5bf349f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "ae07fbf4805008ae3375edd9607342b0:1727805706.156753"
expires: Mon, 21 Oct 2024 14:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 122261
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 18:01:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 3c32a986 Show response
www.aviva.ca/akam/13/ 26 KB
9 KB 107ms
85ms Script
application/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/akam/13/3c32a986

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

14018642ecb5da337b472d8e576d508dd632e50befb8c9e68e52f484bb0d0dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=21600
content-encoding: gzip
etag: "6c22ba75a93343e9b81edc48b6e81e4d99e7e95154ec4f3dbf6e416a394bf7c6"
content-length: 8771
date: Mon, 21 Oct 2024 13:49:11 GMT
stored-attribute-sha-checksum: 14018642ecb5da337b472d8e576d508dd632e50befb8c9e68e52f484bb0d0dff
last-modified: Thu, 22 Feb 2024 19:36:20 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 aviva-logo.svg
cdn.aviva.com/static/core/v.3.3.0/images/logo/ 7 KB
2 KB 1121ms
165ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/logo/aviva-logo.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

4c619c1235dc58e0c64cf814dd6d74fd4b12e36eb6a1a0055b3c8b834af66b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:10 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1648
date: Mon, 21 Oct 2024 13:49:10 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 direct-hero-9.$public_hero_desktop$.jpg
www.aviva.ca/content/dam/aviva-public/ca/hero/ 34 KB
35 KB 554ms
528ms Image
image/jpeg 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/hero/direct-hero-9.$public_hero_desktop$.jpg?$public_hero_desktop$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

f204cc9346d83fef429e0511051aaed84d2baa749b846cc60946c81517da17a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

etag: "8731-601640cbffe76"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:10 GMT
date: Mon, 21 Oct 2024 13:49:10 GMT
last-modified: Wed, 26 Jul 2023 13:44:42 GMT
content-type: image/jpeg
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34609
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 256

GET
H2 200 direct_icon_shop.svg
www.aviva.ca/content/dam/aviva-public/icons/ 4 KB
3 KB 574ms
540ms Image
image/svg+xml 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/icons/direct_icon_shop.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

fcfdcd619a1fd113846b9a98948fd75b0bdfce0665705c4954dda539941e7cbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "f6e-601640cbd6275"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:11 GMT
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Wed, 26 Jul 2023 13:44:42 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1260
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0, 0
x-edgeconnect-origin-mex-latency: 1014, 684

GET
H2 200 direct_icon_shop.svg.png
www.aviva.ca/content/dam/aviva-public/icons/ 18 KB
19 KB 575ms
571ms Image
image/png 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/icons/direct_icon_shop.svg.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

5e0f1aad3f9f1d3326c584369cc8343879252ffe114c3289c2be5ff5dde930aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
etag: "483e-601527fda3b4d"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:11 GMT
accept-ranges: bytes
content-length: 18494
x-xss-protection: 1; mode=block
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Tue, 25 Jul 2023 16:48:24 GMT
content-type: image/png
x-frame-options: SAMEORIGIN

GET
H2 200 direct_icon_buy.svg
www.aviva.ca/content/dam/aviva-public/icons/ 2 KB
2 KB 1265ms
1242ms Image
image/svg+xml 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/icons/direct_icon_buy.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f0ed08df990d0d9dde796cea79c511e4e92b564d0701afa510382c3da969ad1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "677-60164e7be9428"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:12 GMT
date: Mon, 21 Oct 2024 13:49:12 GMT
last-modified: Wed, 26 Jul 2023 14:45:56 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 764
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 231

GET
H2 200 direct_icon_buy.svg.png
www.aviva.ca/content/dam/aviva-public/icons/ 19 KB
20 KB 994ms
973ms Image
image/png 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/icons/direct_icon_buy.svg.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

513e2b3c37af4730bae25086ccb50fd8e88fa6c6ca3101599ffb48442e97ecac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

etag: "4bab-601527fd96472"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:12 GMT
date: Mon, 21 Oct 2024 13:49:12 GMT
last-modified: Tue, 25 Jul 2023 16:48:24 GMT
content-type: image/png
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 19371
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 960

GET
H2 200 direct_icon_access.svg
www.aviva.ca/content/dam/aviva-public/icons/ 2 KB
2 KB 1251ms
1229ms Image
image/svg+xml 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/icons/direct_icon_access.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

85df666e6c7b4c5e40a6f1ea4ad6851c6c563f8a5f7a93d07daea446542660f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "7f9-601527fd8917f"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:12 GMT
date: Mon, 21 Oct 2024 13:49:12 GMT
last-modified: Tue, 25 Jul 2023 16:48:24 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 776
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 732

GET
H2 200 direct_icon_access.svg.png
www.aviva.ca/content/dam/aviva-public/icons/ 12 KB
14 KB 526ms
505ms Image
image/png 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/icons/direct_icon_access.svg.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

bd29bea0fbe3e60e07b2da22219cbedde895bfe00aac0fa32a6eed46d51e0130

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

etag: "316d-601527fdadf60"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:11 GMT
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Tue, 25 Jul 2023 16:48:24 GMT
content-type: image/png
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12653
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 239

GET
H2 200 4-direct-editorial-500.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 90 KB
91 KB 1016ms
995ms Image
image/jpeg 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/4-direct-editorial-500.jpg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

9b7cfcc346a0ff3d82e36266374c1d8830e8dbadc433595b39885910f85bb4ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

etag: "167c8-601640cbdf6e7"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:12 GMT
date: Mon, 21 Oct 2024 13:49:12 GMT
last-modified: Wed, 26 Jul 2023 13:44:42 GMT
content-type: image/jpeg
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 92104
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 711

GET
H2 200 7-direct-editorial-500.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 12 KB
13 KB 536ms
515ms Image
image/jpeg 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/7-direct-editorial-500.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

e321ac8433ed0c3c26b1e9f79dbf8626f86925cea2f1f0dc8302ad5ca9544466

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
etag: "308a-60164385405e7"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:11 GMT
accept-ranges: bytes
content-length: 12426
x-xss-protection: 1; mode=block
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Wed, 26 Jul 2023 13:56:53 GMT
content-type: image/jpeg
x-frame-options: SAMEORIGIN

GET
H2 200 2-direct-editorial-500.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 18 KB
19 KB 989ms
969ms Image
image/jpeg 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/2-direct-editorial-500.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

cf850a5f181892d87d9660e33275fc46c0094b9b6428b8e4b1f93a16518cd7e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
etag: "466c-601640cbe7fa1"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:12 GMT
accept-ranges: bytes
content-length: 18028
x-xss-protection: 1; mode=block
date: Mon, 21 Oct 2024 13:49:12 GMT
last-modified: Wed, 26 Jul 2023 13:44:42 GMT
content-type: image/jpeg
x-frame-options: SAMEORIGIN

GET
H2 200 3-direct-editorial-500.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 14 KB
16 KB 534ms
514ms Image
image/jpeg 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/3-direct-editorial-500.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd72079e85de3d4af8217c8eecc5c32cec3e04ce713eb342cda01a0e68220287

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

etag: "3984-601640cc10f5d"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:11 GMT
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Wed, 26 Jul 2023 13:44:42 GMT
content-type: image/jpeg
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14724
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0, 0
x-edgeconnect-origin-mex-latency: 236, 225

GET
H2 200 Badge-Equite-Blue-EN.png
www.aviva.ca/content/dam/aviva-public/logos/ 20 KB
21 KB 336ms
316ms Image
image/png 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/logos/Badge-Equite-Blue-EN.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

4976976fa8ab2959946c4e96a275554f099d6c5968633506febe65f1e630d522

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "5090-5d12f2cdc48b0"
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:11 GMT
accept-ranges: bytes
content-length: 20624
x-xss-protection: 1; mode=block
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Sat, 20 Nov 2021 02:30:29 GMT
content-type: image/png
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 89
x-frame-options: SAMEORIGIN

GET
H2 200 init.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 21 KB
5 KB 336ms
318ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/init.js?v=2024.09.05-2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

d92d857d4df200abcc14acee55662de41d428cf2f1c453461ab45e86d31ef413

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"55ef-6216a192850dc"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:18 GMT
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Fri, 06 Sep 2024 02:23:52 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=7
accept-ranges: bytes
content-length: 4105
x-xss-protection: 1; mode=block

GET
H2 200 faf19e2c-ab6d-4025-8008-ae2cb4580072.json Show response
cdn.cookielaw.org/consent/faf19e2c-ab6d-4025-8008-ae2cb4580072/ 4 KB
2 KB 152ms
15ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/faf19e2c-ab6d-4025-8008-ae2cb4580072/faf19e2c-ab6d-4025-8008-ae2cb4580072.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cd6f5b8656917eab7cdad902ad419e0148756c448f304353e7871db252c4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: 0mpIPDroO1mIfhx+F1KdGQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCC5E17085E2C8
age: 79340
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 22 Oct 2024 13:49:11 GMT
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/json
last-modified: Mon, 26 Aug 2024 15:12:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 5a2ed972-101e-00f6-7aca-f7b49c000000
cf-ray: 8d61b59fc855a2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1662
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 print.css
cdn.aviva.com/static/core/v.3.3.0/css/ 12 KB
3 KB 104ms
81ms Stylesheet
text/css 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/print.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

613f291a3ea06249a168b73652318eca603b5b9a7c933bf08feb2458a00abaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2534
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 200ms
35ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d61b5a13de0a296-YUL
access-control-allow-origin: *
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 CA.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/flags/small/ 822 B
1015 B 103ms
35ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/flags/small/CA.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

d22ba65430ce6ee971c19978dff9a95f23a1b31fdd676e9b801ad5812a797703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 822
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 notification-warning.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/ 143 B
337 B 100ms
34ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/notification-warning.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e5e155d17ad05a6e38823b3afb7d4fb1bb1c6c1aca70cc0e482fa4c8f941079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 143
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 list-unordered.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 2 KB
2 KB 99ms
34ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/list-unordered.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

e8790e50c08d56261ed4900e7282adc4451eb4f34b677ae444d9177c6c2f652c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2191
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 modal-photo-bg.jpg
www.aviva.ca/content/dam/aviva-public/ca/quote/ 29 KB
31 KB 757ms
681ms Image
image/jpeg 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/quote/modal-photo-bg.jpg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef640470ded5f3fcab2c29ab75dad29e4761df60663f7a50829bb010cde0f08a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com *.oribi.io
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io
cache-control: max-age=31536000
etag: "7556-5cc14e5dbee26"
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 13:49:11 GMT
accept-ranges: bytes
content-length: 30038
x-xss-protection: 1; mode=block
date: Mon, 21 Oct 2024 13:49:11 GMT
last-modified: Thu, 16 Sep 2021 04:03:31 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0, 0, 0, 13, 0, 0, 7, 0
x-edgeconnect-origin-mex-latency: 706, 242, 773, 232, 247, 265, 1054, 1051
x-frame-options: SAMEORIGIN

GET
H2 200 external-link.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 296 B
490 B 90ms
35ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/external-link.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef62b1cd6c0c08e5207dd9aac5ae16be906b30b07272d3442aa5b6d229a4e4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 296
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 facebook-sprite.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 687 B
881 B 111ms
39ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/facebook-sprite.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

14c2fa6095807c2d3f99a94c89c152d3fad5a9850d5a473fa20b9f086823a922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 687
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 twitter-sprite.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 2 KB
2 KB 136ms
64ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/twitter-sprite.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f234e9965637f671774c12515e3837f16b5b62a4ec26e60d69eca5d3c288d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1663
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 linkedin-sprite.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 861 B
1 KB 136ms
65ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/linkedin-sprite.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

1898973c6fd7b6de48334fd7f747bf5910d2d0928bacdf309a832caa8bc61bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 861
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 youtube-sprite.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 1 KB
2 KB 135ms
65ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/youtube-sprite.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

6b7940f2febd9b5356fe2aebfaca02088451d50d5c6bc962381ba1f478da83f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1438
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 sourcesanspro-bold-webfont-base.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 21 KB
22 KB 196ms
56ms Font
font/woff2 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-bold-webfont-base.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

bd96e065b03bcab321ce111a63b368f08b25217115ee67a1827219b7ba2ebab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21804
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-light-webfont-base.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 21 KB
22 KB 185ms
45ms Font
font/woff2 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-light-webfont-base.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

12c10e573781b8bd6a19e60bb756ea0dcc768eca8a7e256384bd5fbe29a61e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21828
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-regular-webfont-base.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 22 KB
22 KB 218ms
78ms Font
font/woff2 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-regular-webfont-base.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

c299052a00248b1cd445299d869b8025dd3108f601a986d3f56399c33d0a5039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22288
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/ 452 KB
110 KB 86ms
12ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb60550070f9a5ce5d91b9cb0d34ee6777a3dcb25de950cb185d1c2b624b2590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: btqcTGGxKzfJ1KoWzOA9vQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B7AC59A0
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 69673
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 19:37:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: c284c536-001e-0084-49f8-1fc5a2000000
cf-ray: 8d61b5a288b5a2af-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112185
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 dropdown.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 945 B
1 KB 217ms
154ms Image
image/png 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/dropdown.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

ccc886ecf317012e82fbca6129a17462af04d4fb51d4e1b5e32977e639c2f685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 945
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 require.js Show response
cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/ 17 KB
6 KB 61ms
59ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/init.js?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

434eaf54c6a1bf62181a2f7a37f5f2539f60d116dcf9a0e4bbcb732688965138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6420
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 en-ca.json Show response
cdn.cookielaw.org/consent/faf19e2c-ab6d-4025-8008-ae2cb4580072/018f8202-840e-7b63-8111-8dec7c6edcba/ 80 KB
18 KB 56ms
55ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/faf19e2c-ab6d-4025-8008-ae2cb4580072/018f8202-840e-7b63-8111-8dec7c6edcba/en-ca.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e3b43082dfbff5371f6906e86e44ce86999eb0ccae3bb992135b6abb37ae11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: kf8ZUXy797U/EXaXvh002A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCC5E16FD66AE9
age: 60229
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Tue, 22 Oct 2024 13:49:11 GMT
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/json
last-modified: Mon, 26 Aug 2024 15:12:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 34459da3-b01e-001e-74ca-f74967000000
cf-ray: 8d61b5a4ae13a2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18134
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 CA.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/flags/large/ 1 KB
765 B 63ms
62ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/flags/large/CA.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

b2a3ac010fb6da012d414ff4d2aef937835561686229ed979e418fcabae5d46c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 547
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 aviva-logo.svg
cdn.aviva.com/static/core/v.3.3.0/images/logo/ 7 KB
0 1ms
1ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aviva.com/static/core/v.3.3.0/images/logo/aviva-logo.svg
Requested by: Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-178-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c619c1235dc58e0c64cf814dd6d74fd4b12e36eb6a1a0055b3c8b834af66b68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:10 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1648
date: Mon, 21 Oct 2024 13:49:10 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 list-unordered.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 3 KB
1 KB 62ms
61ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/list-unordered.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

c9f6483374942b7e0d19ffa02fbd999069906eaedadae5602b63d538b4d0add1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 813
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 external-link.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 2 KB
695 B 63ms
54ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/external-link.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

5214f0b12f6d038f35a061b40c6f36fc8c329d2d21d3fb1c9ecee8d3b9568c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 477
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 facebook-sprite.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 1 KB
596 B 63ms
55ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/facebook-sprite.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

40a10f09c8ae7b2a8c83091589cb1522fd817fd464dd1d5b9570abf702acd499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 378
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 twitter-sprite.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 2 KB
804 B 63ms
57ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/twitter-sprite.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

115712ec33924a79d72a3a4cdb32d02c98cc445528e6aa247d6dc589fb3d67a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 586
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 linkedin-sprite.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 1 KB
705 B 64ms
57ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/linkedin-sprite.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

41673777ea627ad546f0aa6263387040017fc2c105558e24bbba276f1e871044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 487
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 youtube-sprite.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 1 KB
865 B 62ms
57ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/youtube-sprite.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

194d7dc861a0f86e5b3ea21f2fb19fa108c6f9ff034f6bad8341d826262d3dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 647
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 34 KB
12 KB 38ms
29ms Script
application/x-javascript 2600:1408:ec00:88a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:88a::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "ade220db70aa3259d42f32d039757920:1689673134.025267"
expires: Mon, 21 Oct 2024 14:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 12463
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/x-javascript
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 3 KB
2 KB 40ms
31ms Script
application/x-javascript 2600:1408:ec00:88a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:88a::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "051ec0e10d7fb5b48a8bf326aa3a7442:1689673134.518239"
expires: Mon, 21 Oct 2024 14:49:11 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 1597
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/x-javascript
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 92ms
51ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 13:49:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4439, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: M8K43iTNESWkzsV7mj1/sLxENP9OHEMMM8OGAxTCE4Udu7+MEejGNpLq5Gps5jXMvS1g07VA+XMBgyd+103yUg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 RC644ce76735ee4d04a83a5de238659fc2-source.min.js Show response
assets.adobedtm.com/cb3f8d042d56/2daa76811d16/697fc558228c/ 867 B
678 B 31ms
29ms Script
application/x-javascript 2600:1408:ec00:88a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/697fc558228c/RC644ce76735ee4d04a83a5de238659fc2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:88a::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 33797800b62023f90d04fecee08d31e963558c78ebfe4a91609b4ca39d0ce003

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "fb843bc8d9fdf1e17cba964ea51475a4:1727805707.496575"
expires: Mon, 21 Oct 2024 14:49:12 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 423
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 18:01:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 13 KB
3 KB 41ms
39ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: HFRQn1JrLTlh4Ku3smscgQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B424DE74
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 79340
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: c7f0db4e-801e-001d-1eca-f74a60000000
cf-ray: 8d61b5a63f95a2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/v2/ 62 KB
13 KB 35ms
34ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: gHD/hbq7+H1F/GSzLFMxSw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B56E6320
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 79340
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 2a563851-a01e-000a-73ca-f78a03000000
cf-ray: 8d61b5a63f96a2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 5 KB
2 KB 33ms
32ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: O3m9h96R8jrQiO6UBOWOVA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B52A5384
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 79340
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8212ddcf-501e-0050-55ca-f78c82000000
cf-ray: 8d61b5a63f97a2b2-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1738
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 24 KB
4 KB 32ms
31ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 79340
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 19:37:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 85244194-001e-008f-12ca-f7ddd6000000
cf-ray: 8d61b5a63f98a2b2-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 main.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/ 3 KB
2 KB 45ms
44ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/main.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

9c1cc3bc24ad3b897132b6891f3f119c44b9198aa893a971e56195bc21325b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1365
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H3 200 217092132896024 Show response
connect.facebook.net/signals/config/ 74 KB
15 KB 40ms
40ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/217092132896024?v=2.9.172&r=stable&domain=www.aviva.ca&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

8c17464aecc823437211c39bc8ceee296097eff3f4756a1b9881072d51a644e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=74, mss=1232, tbw=67495, tp=64, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: i4Or9To/9L/MclWoFe3SgWheI7x//B0ilT0nCDf76ZiPW7zzpU4razZuX71Wb+dKHVWv+VNdV1gwLgyKRHED3w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 15425
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 200 pixel_3c32a986 Show response
www.aviva.ca/akam/13/ 0
598 B 50ms
47ms XHR
text/html 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/akam/13/pixel_3c32a986

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/akam/13/3c32a986

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.aviva.ca/en/direct/

Response headers

strict-transport-security: max-age=31536000
content-length: 0
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: text/html

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
510 B 54ms
47ms Fetch
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 51157
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Oct 2024 06:37:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5c2358f8-f01e-0074-2e2f-2015cc000000
cf-ray: 8d61b5a829c1a2b2-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 aviva_logo_white_bg_140x50._v2.png
cdn.cookielaw.org/logos/5f4e30eb-4e49-40d1-b745-d29c24e0b29f/4cc38684-ccb3-4465-82bf-13e51b3031fc/5aa7014f-e06a-475a-b26f-631558064085/ 4 KB
4 KB 38ms
34ms Image
mage/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/5f4e30eb-4e49-40d1-b745-d29c24e0b29f/4cc38684-ccb3-4465-82bf-13e51b3031fc/5aa7014f-e06a-475a-b26f-631558064085/aviva_logo_white_bg_140x50._v2.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a07c979e9c0f6b9a5b1edcd198b9eda289e954533d9af5efb5036823fb07eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: 1FQVpBRCOy8vnnSZSi0A1Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DC2D7D3F140CD2
age: 73040
cf-cache-status: HIT
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: mage/png
last-modified: Wed, 14 Feb 2024 16:51:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 44536c02-501e-0032-65ba-9439f4000000
cf-ray: 8d61b5a899e7a2af-YUL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4191
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 37ms
33ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/direct/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 73093
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Oct 2024 06:37:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 324d4739-a01e-00a0-6e98-1f5cec000000
cf-ray: 8d61b5a899e8a2af-YUL
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 sourcesanspro-semibold-webfont-base.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 21 KB
22 KB 47ms
46ms Font
font/woff2 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-semibold-webfont-base.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

e0e26e82b402f297de0f13cdfe66c5de1a5559add19442dd26790cb9f00a8cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Wed, 20 Nov 2024 13:49:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21988
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-regular-webfont-extra.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 11 KB
11 KB 47ms
47ms Font
font/woff2 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-regular-webfont-extra.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

29a7b39128e58a5b560363255f9dc14f5563833a4b8331c4df438b05dc0504bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Wed, 20 Nov 2024 13:49:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11380
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-bold-webfont-extra.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 11 KB
11 KB 50ms
50ms Font
font/woff2 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-bold-webfont-extra.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

116ceea20a8d437e01a4f6de4200901f79f5b5541e711096ae8afe7466a03c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Wed, 20 Nov 2024 13:49:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11360
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-light-webfont-extra.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 11 KB
11 KB 52ms
52ms Font
font/woff2 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-light-webfont-extra.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

8e8d2f1c9ff36f06d7887b59a899deddaa597afa955fe9011f27848fa3b175e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Wed, 20 Nov 2024 13:49:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10968
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 jquery-3-7-0-min.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 85 KB
31 KB 304ms
304ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/jquery-3-7-0-min.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"155a5-6216a1936be17"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:50:07 GMT
date: Mon, 21 Oct 2024 13:49:12 GMT
last-modified: Fri, 06 Sep 2024 02:23:53 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=55
accept-ranges: bytes
content-length: 30383
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 118

GET
H2 200 RC84ced9589a4b43708482e2d841cd98e4-source.min.js Show response
assets.adobedtm.com/cb3f8d042d56/2daa76811d16/697fc558228c/ 813 B
701 B 32ms
31ms Script
application/x-javascript 2600:1408:ec00:88a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/697fc558228c/RC84ced9589a4b43708482e2d841cd98e4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:ec00:88a::1e80 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9387c06fc18f94fe9d7bf799a3026e1be9258ecbb6ae16c398ee9f51c6663a48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "fb843bc8d9fdf1e17cba964ea51475a4:1727805707.496575"
expires: Mon, 21 Oct 2024 14:49:12 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 446
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 18:01:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 block.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/ 339 B
472 B 45ms
43ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/block.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

2448cbe428e1386ca469f3d900acab696f77d8cf70ed410b0dec8012dc33a7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 248
date: Mon, 21 Oct 2024 13:49:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 o-masthead.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/ 50 KB
10 KB 319ms
287ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/o-masthead.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

02f9a50da41909a431c5a6bc0136dfdb864d15395b950e7debd00e677dac71bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "c675-6216a272725dd"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:50:13 GMT
date: Mon, 21 Oct 2024 13:49:13 GMT
last-modified: Fri, 06 Sep 2024 02:27:47 GMT
vary: Accept-Encoding
content-type: text/javascript
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=60
accept-ranges: bytes
content-length: 8534
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 215

GET
H2 200 m-card-close.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 552 B
591 B 67ms
36ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/m-card-close.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

738291574dbf7f2fec2f648b5ac9ca4ab1948c5842009d61ceb2c7667df9a843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 367
date: Mon, 21 Oct 2024 13:49:13 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 objectfit.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 814 B
648 B 80ms
50ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/objectfit.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d7054e43ce8b91430289349c993e84d41a8e0a7b60af38e7299524dab742785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 424
date: Mon, 21 Oct 2024 13:49:13 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 favicon.ico
www.aviva.ca/etc/designs/aviva-public/images/ 3 KB
2 KB 548ms
518ms Other
image/vnd.microsoft.icon 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/images/favicon.ico?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e32181093bb9e29c8fc35663d11d42f4f71a8d98c2606d9e0d844aa479986ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
content-encoding: gzip
etag: "cbe-6216a180dda7c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 507
x-xss-protection: 1; mode=block
date: Mon, 21 Oct 2024 13:49:13 GMT
last-modified: Fri, 06 Sep 2024 02:23:34 GMT
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 m-tabs.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/ 20 KB
5 KB 317ms
288ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/m-tabs.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

34219396e7eef00f45e86c0b18bbaf15f9da148802f7f4e8feeb68593daeb40a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"4fd4-6216a29d150b7"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:38 GMT
date: Mon, 21 Oct 2024 13:49:13 GMT
last-modified: Fri, 06 Sep 2024 02:28:32 GMT
vary: Accept-Encoding
content-type: text/javascript
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=25
accept-ranges: bytes
content-length: 4009
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 4
x-edgeconnect-origin-mex-latency: 431

GET
H2 200 m-showhide.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/ 7 KB
3 KB 363ms
334ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/m-showhide.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

746c14b2f77e2529a5ccb173eb96e00c830b82ccf6519e4d173fb8c9b802ef08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"1d42-6216a259e7dc9"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:58 GMT
date: Mon, 21 Oct 2024 13:49:13 GMT
last-modified: Fri, 06 Sep 2024 02:27:21 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=45
accept-ranges: bytes
content-length: 1704
x-xss-protection: 1; mode=block

GET
H2 200 m-radio-segmented.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 2 KB
1 KB 75ms
46ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/m-radio-segmented.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

0643c0278a85f07f8db35b9dca1a3cf925b07023e0446b4d943526993a64e840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 854
date: Mon, 21 Oct 2024 13:49:13 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 main.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/ 13 KB
4 KB 317ms
289ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/main.js?v=2024.09.05-2

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

7781eee45114653568143bda6a3ce08548251992d086e76f44706650668aaf2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "3488-6216a193acb47"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:54 GMT
date: Mon, 21 Oct 2024 13:49:13 GMT
last-modified: Fri, 06 Sep 2024 02:23:53 GMT
vary: Accept-Encoding
content-type: text/javascript
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=41
accept-ranges: bytes
content-length: 2481
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0, 0
x-edgeconnect-origin-mex-latency: 238, 1185

GET
H2 200 o-modal.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/ 14 KB
5 KB 390ms
361ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/o-modal.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

8cfa5486c54ca27001dcd80bf8db28e1eef38e0985748dd54d24655f17258fc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "3876-6216a2401d403"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:50:07 GMT
date: Mon, 21 Oct 2024 13:49:13 GMT
last-modified: Fri, 06 Sep 2024 02:26:54 GMT
vary: Accept-Encoding
content-type: text/javascript
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=54
accept-ranges: bytes
content-length: 3450
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 220

GET
H2 200 utility.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/ 2 KB
1 KB 44ms
44ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/utility.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

0145edba7a2aebcc5d9fc32ef047a0ccc1c7cecd3609db7f7d559fe1a3e2c20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 860
date: Mon, 21 Oct 2024 13:49:13 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 init.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/ 3 KB
2 KB 287ms
286ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/init.js?v=2024.09.05-2

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

37694ec351fb3635fe60812af0252d58d7eb81366e1769b758f32a886e819115

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"a07-6216a2068f08a"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:32 GMT
date: Mon, 21 Oct 2024 13:49:13 GMT
last-modified: Fri, 06 Sep 2024 02:25:54 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=19
accept-ranges: bytes
content-length: 1025
x-xss-protection: 1; mode=block

GET
H2 200 arrow-down-white-small.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/ 252 B
417 B 46ms
44ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/arrow-down-white-small.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

e38250a24286a63e23ee03aff600d4a35eaf6ad60205aa358514c6f61a5f5969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 200
date: Mon, 21 Oct 2024 13:49:13 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 show-hide.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 619 B
507 B 55ms
46ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/show-hide.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

a53c4792806ac6203b118b5b290237ae879a6f3c674f9475e83e0a0ba1a89d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 289
date: Mon, 21 Oct 2024 13:49:13 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 arrow-down-tabs-grey.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/ 273 B
439 B 69ms
61ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/arrow-down-tabs-grey.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

c0e151c7d0242dfd387a8e91a3d75da0bf5cccde65b9a37a3abc45cc7db76b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222
date: Mon, 21 Oct 2024 13:49:13 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 bowser-1.4.3.min.js Show response
www.aviva.ca/etc/designs/aviva-public/vendor/js/core/ 6 KB
4 KB 282ms
281ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/vendor/js/core/bowser-1.4.3.min.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cedbfc0180bcd3e6e9f116e59151ea35dd68f444a05b9a8fedbae7f2efbed4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"18ba-6216a213d63e4"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:50:14 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:26:08 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=60
accept-ranges: bytes
content-length: 2307
x-xss-protection: 1; mode=block

GET
H2 200 picturePolyfill.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/util/ 1 KB
2 KB 280ms
280ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/util/picturePolyfill.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

34e7793f5c055ca5a4e464953c950d27a8adb471d65d7fba9440895bec594bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"4f6-6216a247cf335"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:50:10 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:27:02 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=56
accept-ranges: bytes
content-length: 532
x-xss-protection: 1; mode=block

GET
H2 200 backToTop.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/ 2 KB
2 KB 273ms
271ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/backToTop.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

3bb9964462e69c296ff5d3161eb547891d50aba596078f91d322e9462ae7255a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "961-6216a213ff6d3"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:50:08 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:26:08 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=54
accept-ranges: bytes
content-length: 836
x-xss-protection: 1; mode=block

GET
H2 200 js-menu-navigation.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 7 KB
2 KB 280ms
278ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/js-menu-navigation.js?v=2024.09.05-2

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

3b76e6afc9102159ecf5df56dd8e130db4a174feadfdcd15ef43c09b2d93d01a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"1a58-6216a1df7910f"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:50 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:25:13 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=36
accept-ranges: bytes
content-length: 1208
x-xss-protection: 1; mode=block

GET
H2 200 country-language-selector-extension.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/ 3 KB
2 KB 526ms
524ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/country-language-selector-extension.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f966ad65314fe674f8ccd3e49ce614a30da7e3ad11dea7ee700669efa7c951a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"ad0-6216a19caed7c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:50:14 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:24:03 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=60
accept-ranges: bytes
content-length: 972
x-xss-protection: 1; mode=block

GET
H2 200 emergency-notification-block.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/ 2 KB
2 KB 278ms
276ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/emergency-notification-block.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

7783e3333d27cec324d28862daf75cc7dcc76ce0aab9526ed63b46cb48a65760

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"63a-6216a1eaa60aa"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:32 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:25:24 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=18
accept-ranges: bytes
content-length: 619
x-xss-protection: 1; mode=block

GET
H2 200 avivaModals.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 21 KB
6 KB 278ms
277ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/avivaModals.js?v=2024.09.05-2

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4c3223d8ff34087d49e086e3972d0f3c2184c15644d583b802ed6d020345045

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"533d-6216a1df8ae3a"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:49 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:25:13 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=35
accept-ranges: bytes
content-length: 4473
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/util/ 914 B
2 KB 300ms
296ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/util/cookie.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

a138711e3fd6ba8d769df39ce01fbb26e6b32677ea84d5990a54638824266205

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: "392-6216a1655e80c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:50:03 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:23:05 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=49
accept-ranges: bytes
content-length: 403
x-xss-protection: 1; mode=block

GET
H2 200 js.cookie.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 5 KB
3 KB 297ms
295ms Script
text/javascript 23.9.178.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/js.cookie.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.244 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-244.deploy.static.akamaitechnologies.com

Software

Resource Hash

520092d1701ff382044e9cf69851a8c2396850f86ad3240af79ec00d4aa663e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/direct/

Response headers

content-encoding: gzip
etag: W/"147e-6216a1940b8e6"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 13:49:55 GMT
date: Mon, 21 Oct 2024 13:49:14 GMT
last-modified: Fri, 06 Sep 2024 02:23:54 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=41
accept-ranges: bytes
content-length: 1545
x-xss-protection: 1; mode=block

GET
H2 200 notification-warning.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/ 415 B
497 B 59ms
44ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/notification-warning.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

264db88e12581e8eb6af909d3c36af1c0016963a80363a0ef2cbf7e45958bb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:14 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 280
date: Mon, 21 Oct 2024 13:49:14 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 cross-grey.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/ 238 B
409 B 82ms
67ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/cross-grey.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

824bb9b5249bff9da1815e7bd0521ecc56e116042fa80670332882bff14dd6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:14 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 192
date: Mon, 21 Oct 2024 13:49:14 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 cross-white.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/ 235 B
407 B 69ms
67ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/cross-white.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

2c9f89242a608ad2b69b67389f05d2c980a9702c0580972fe9f5f93157e5bc93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:14 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 189
date: Mon, 21 Oct 2024 13:49:14 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 dropdown.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 1 KB
548 B 65ms
64ms Image
image/svg+xml 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/dropdown.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a5974425043f506cf9bcf6e97380a0bff1ffa7b3014632a6e899fb4aeddd5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:14 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 330
date: Mon, 21 Oct 2024 13:49:14 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 scrollable.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 797 B
674 B 133ms
108ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/scrollable.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

6f6eb81c9e8918b3bbf0c2021f006c1d7a4ea4bf13012cb6bc9559e4ab58fa1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:15 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 450
date: Mon, 21 Oct 2024 13:49:15 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 jquery-ui.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/ 38 KB
11 KB 86ms
85ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/jquery-ui.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a7f51d8f410616df3c0776bea8166beb1d49d0aeb1634dc12716224617da2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:15 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11523
date: Mon, 21 Oct 2024 13:49:15 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 mousewheel.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/ 3 KB
1 KB 87ms
87ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/mousewheel.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

1b48eaf5c56f4a1722b58ecfcfeb18cf131e328252c14c17cb0de9ea5778deb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:15 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1170
date: Mon, 21 Oct 2024 13:49:15 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 mCustomScrollbar.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/ 39 KB
12 KB 88ms
87ms Script
application/x-javascript 23.9.178.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/mCustomScrollbar.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.9.178.162 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-9-178-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

36f33c52339615a309cc817f4045dcc48fefb41d04b9cbe0023364165249166d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Wed, 20 Nov 2024 13:49:15 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11856
date: Mon, 21 Oct 2024 13:49:15 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
insurance.aviva.ca/	1969-12-31 23:59:59	Name: BIGipServersj31web-nginx-app_https Value: !YDfnifYc4MZ+VhQRgS7A5F9dNDOAZMoGZdynfo9QBSThlz0W5Hjg0LEZm1nISHQgYfmld8Ygi8tXrRQ=
.insurance.aviva.ca/	1970-01-21 00:25:20	Name: __cf_bm Value: oRqsxURE_Dmlj7f8jxSgVYRnKjYwkuYTK0lhhJ9SpR0-1729518547-1.0.1.1-m4oVZXK.PEK8JN8bA9d_C8cdG0yFXoEkvcxuy8YDt6uvgNNSHX_NwaKeiz5tcGmoBj_amZPzGcZevGiVrOoGow
www.aviva.ca/	1970-01-21 00:25:19	Name: akacd_f_g_ca Value: 1729519148~rv=65~id=8c45d50389526bcc23da7347fe4019a7
.aviva.ca/	1970-01-21 00:25:25	Name: bm_mi Value: 81BDAB9986813071BF997BF45F0DCDA9~YAAQRcgwFyC/jZ2SAQAAH7hWrxm3otXGoWKA7EwYzFx0kuj7e81IWq4MiThGFbJEPJMAPMd1qeQh23C1o5i1bGnubtV8iYaipfP88M17JGE10yyZjrIzkvnRyWxkXw+E13w0yJFDKIW3DbHXslTfkzcgWtd2T/thfnGz+PAXuoLjPycBDwBi6fTmSC1uwgJ6SkW1sARXY515Dk3a1yY6B9GVvlpchhG+3Kxe+4VH38GaH35RjdM7VeWtQvnGYcvKj6K9ZZ/d7tGGgT1W3uL2HIWtB9BbLBUDT2ee/mgzfQhkBdZ0q4RrGrDDaCwt0oKeYkIYmRiA~1
.aviva.ca/	1970-01-21 00:25:25	Name: bm_sv Value: 791FE9521B15AEDE807AA30A5C27F11B~YAAQRcgwFyG/jZ2SAQAAH7hWrxmxTNn2ZooDM5HgxCgHHxxgtzauQyuPyFpvVFuWsGg+q01EP9WUwyOeSe3z1Uh4G7KGamZG3OGte4pjiRGsr9YOWQi1+uGmdqn7i49fcs/fTbDtaBq9z28WNifA1wVk2UUDjS/rgrW4XHzmRu9lJ7LGKw1x3Xqk+yN4LI1Liw5XivnCikw1CZor27WgC/n6OEL4UFz6DZsrqqPZt/VajRst2eq2453Fh8fSqw==~1
cdn.aviva.com/	1970-01-21 00:25:19	Name: akacd_f_d_eu_l Value: 1729519150~rv=66~id=81aea138993000ad3089be55774ebdab
.aviva.ca/	1969-12-31 23:59:59	Name: at_check Value: true
.aviva.ca/	1970-01-21 00:25:25	Name: ak_bmsc Value: 444A81082D04A997D45C7903EF0CC54E~000000000000000000000000000000~YAAQRcgwF0HCjZ2SAQAAdcRWrxlvv8WaFImbu0M0d0sNRUT+YgfNAGu+uS7tO8cLsayuLHWrr2EonpIQwk0QxqZeGHkrcTFT8qeei0w/rZG4kwiUM3b9XB9tOoIlNZ53IBHcxUrbuv8DZx0uqm7gtbpu2RHg6txjl89RJpMLa2xgJSoTHq9cerfSu6zY/2enx4NUMORrQ/8M3NXh+X6vXTIJfE0izIpX168hcg3bNqwfiKtQPj0WF7zSoIv0y2+78n6pDoS55Sd76KCWeI0u4RQyhzjWNWdRNO8MoFan4T/KnIMMYYA+m6yXiYyx9c8h06h5ok2U+rjI9ja5duNW+3PQOe5E/fMAUCGZ03uRs5zk9efIAH3MDPEdhxP/l/u6+Y4+mqmuvy8tkkGoOOxdgMpVJGCqm8/w/Gad/fyY25WaGu7q5rkh5m00FbQoa3PACGsaau10+lJGWoeNxPyHPIUfbSeQ87mamVfAR5r0Yxw5dEUR6E+UtbU=
.aviva.ca/	1970-01-21 09:10:54	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Oct+21+2024+06%3A49%3A12+GMT-0700+(Pacific+Daylight+Time)&version=202407.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=c4070d29-1e31-46b0-bf5e-0877a6540090&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.aviva.ca%2Fen%2Fdirect%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.aviva.com
cdn.cookielaw.org
connect.facebook.net
geolocation.onetrust.com
insurance.aviva.ca
www.aviva.ca
104.17.72.206
157.240.229.1
23.9.178.162
23.9.178.244
2600:1408:ec00:88a::1e80
2606:4700:4400::6812:2089
2606:4700::6812:572a
0145edba7a2aebcc5d9fc32ef047a0ccc1c7cecd3609db7f7d559fe1a3e2c20e
02f9a50da41909a431c5a6bc0136dfdb864d15395b950e7debd00e677dac71bd
0643c0278a85f07f8db35b9dca1a3cf925b07023e0446b4d943526993a64e840
115712ec33924a79d72a3a4cdb32d02c98cc445528e6aa247d6dc589fb3d67a3
116ceea20a8d437e01a4f6de4200901f79f5b5541e711096ae8afe7466a03c2d
12c10e573781b8bd6a19e60bb756ea0dcc768eca8a7e256384bd5fbe29a61e0c
14018642ecb5da337b472d8e576d508dd632e50befb8c9e68e52f484bb0d0dff
14c2fa6095807c2d3f99a94c89c152d3fad5a9850d5a473fa20b9f086823a922
1898973c6fd7b6de48334fd7f747bf5910d2d0928bacdf309a832caa8bc61bc4
194d7dc861a0f86e5b3ea21f2fb19fa108c6f9ff034f6bad8341d826262d3dc1
1a0948e98160002a3b821cd4cf703fea9eda4b847fc828fee905aeca128c0204
1b48eaf5c56f4a1722b58ecfcfeb18cf131e328252c14c17cb0de9ea5778deb6
1bc9542c1c8c760c1561163c13a4a74dca5335392f2844c2273f20e8a92e8ed5
1c391d65fdfecb14749faa25a105c5c05a3fe9832426a70ead84dd76e5bf349f
1d7054e43ce8b91430289349c993e84d41a8e0a7b60af38e7299524dab742785
1d9addbda55aa12a20367b4afb563f3516b4db50edb4437de62e2704a6dcfa32
1e32181093bb9e29c8fc35663d11d42f4f71a8d98c2606d9e0d844aa479986ba
2448cbe428e1386ca469f3d900acab696f77d8cf70ed410b0dec8012dc33a7d5
24cd6f5b8656917eab7cdad902ad419e0148756c448f304353e7871db252c4f7
264db88e12581e8eb6af909d3c36af1c0016963a80363a0ef2cbf7e45958bb94
29a7b39128e58a5b560363255f9dc14f5563833a4b8331c4df438b05dc0504bd
2c9f89242a608ad2b69b67389f05d2c980a9702c0580972fe9f5f93157e5bc93
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
33797800b62023f90d04fecee08d31e963558c78ebfe4a91609b4ca39d0ce003
34219396e7eef00f45e86c0b18bbaf15f9da148802f7f4e8feeb68593daeb40a
34e7793f5c055ca5a4e464953c950d27a8adb471d65d7fba9440895bec594bb3
36f33c52339615a309cc817f4045dcc48fefb41d04b9cbe0023364165249166d
37694ec351fb3635fe60812af0252d58d7eb81366e1769b758f32a886e819115
3a5974425043f506cf9bcf6e97380a0bff1ffa7b3014632a6e899fb4aeddd5b7
3b76e6afc9102159ecf5df56dd8e130db4a174feadfdcd15ef43c09b2d93d01a
3bb9964462e69c296ff5d3161eb547891d50aba596078f91d322e9462ae7255a
3bfb8b7a88db8db8144b8002735f0b1186f9b8044cd7a607ffe9b71f76b6f5e0
40a10f09c8ae7b2a8c83091589cb1522fd817fd464dd1d5b9570abf702acd499
41673777ea627ad546f0aa6263387040017fc2c105558e24bbba276f1e871044
434eaf54c6a1bf62181a2f7a37f5f2539f60d116dcf9a0e4bbcb732688965138
4976976fa8ab2959946c4e96a275554f099d6c5968633506febe65f1e630d522
4c619c1235dc58e0c64cf814dd6d74fd4b12e36eb6a1a0055b3c8b834af66b68
4e5e155d17ad05a6e38823b3afb7d4fb1bb1c6c1aca70cc0e482fa4c8f941079
513e2b3c37af4730bae25086ccb50fd8e88fa6c6ca3101599ffb48442e97ecac
520092d1701ff382044e9cf69851a8c2396850f86ad3240af79ec00d4aa663e0
5214f0b12f6d038f35a061b40c6f36fc8c329d2d21d3fb1c9ecee8d3b9568c7f
5e0f1aad3f9f1d3326c584369cc8343879252ffe114c3289c2be5ff5dde930aa
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
613f291a3ea06249a168b73652318eca603b5b9a7c933bf08feb2458a00abaf2
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a7f51d8f410616df3c0776bea8166beb1d49d0aeb1634dc12716224617da2e7
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
6b7940f2febd9b5356fe2aebfaca02088451d50d5c6bc962381ba1f478da83f4
6cedbfc0180bcd3e6e9f116e59151ea35dd68f444a05b9a8fedbae7f2efbed4e
6f6eb81c9e8918b3bbf0c2021f006c1d7a4ea4bf13012cb6bc9559e4ab58fa1f
738291574dbf7f2fec2f648b5ac9ca4ab1948c5842009d61ceb2c7667df9a843
746c14b2f77e2529a5ccb173eb96e00c830b82ccf6519e4d173fb8c9b802ef08
7781eee45114653568143bda6a3ce08548251992d086e76f44706650668aaf2f
7783e3333d27cec324d28862daf75cc7dcc76ce0aab9526ed63b46cb48a65760
7a07c979e9c0f6b9a5b1edcd198b9eda289e954533d9af5efb5036823fb07eb1
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
7e3b43082dfbff5371f6906e86e44ce86999eb0ccae3bb992135b6abb37ae11d
80bc044677cf80929d5d037919a68e2040d0b3632f80340b418a29fc8f5baaff
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
824bb9b5249bff9da1815e7bd0521ecc56e116042fa80670332882bff14dd6b6
85df666e6c7b4c5e40a6f1ea4ad6851c6c563f8a5f7a93d07daea446542660f4
8c17464aecc823437211c39bc8ceee296097eff3f4756a1b9881072d51a644e0
8cfa5486c54ca27001dcd80bf8db28e1eef38e0985748dd54d24655f17258fc5
8e8d2f1c9ff36f06d7887b59a899deddaa597afa955fe9011f27848fa3b175e5
8f0ed08df990d0d9dde796cea79c511e4e92b564d0701afa510382c3da969ad1
8f234e9965637f671774c12515e3837f16b5b62a4ec26e60d69eca5d3c288d13
8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a
8f966ad65314fe674f8ccd3e49ce614a30da7e3ad11dea7ee700669efa7c951a
9387c06fc18f94fe9d7bf799a3026e1be9258ecbb6ae16c398ee9f51c6663a48
98348dab3a9c47f21b6a09f2777e6f35a8063f5190230081fd78723742248ade
9b7cfcc346a0ff3d82e36266374c1d8830e8dbadc433595b39885910f85bb4ba
9c1cc3bc24ad3b897132b6891f3f119c44b9198aa893a971e56195bc21325b3a
a138711e3fd6ba8d769df39ce01fbb26e6b32677ea84d5990a54638824266205
a53c4792806ac6203b118b5b290237ae879a6f3c674f9475e83e0a0ba1a89d2c
b2a3ac010fb6da012d414ff4d2aef937835561686229ed979e418fcabae5d46c
bb60550070f9a5ce5d91b9cb0d34ee6777a3dcb25de950cb185d1c2b624b2590
bd29bea0fbe3e60e07b2da22219cbedde895bfe00aac0fa32a6eed46d51e0130
bd96e065b03bcab321ce111a63b368f08b25217115ee67a1827219b7ba2ebab0
c0e151c7d0242dfd387a8e91a3d75da0bf5cccde65b9a37a3abc45cc7db76b2e
c299052a00248b1cd445299d869b8025dd3108f601a986d3f56399c33d0a5039
c9f6483374942b7e0d19ffa02fbd999069906eaedadae5602b63d538b4d0add1
ccc886ecf317012e82fbca6129a17462af04d4fb51d4e1b5e32977e639c2f685
cf850a5f181892d87d9660e33275fc46c0094b9b6428b8e4b1f93a16518cd7e7
d22ba65430ce6ee971c19978dff9a95f23a1b31fdd676e9b801ad5812a797703
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
d92d857d4df200abcc14acee55662de41d428cf2f1c453461ab45e86d31ef413
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
e0e26e82b402f297de0f13cdfe66c5de1a5559add19442dd26790cb9f00a8cf7
e321ac8433ed0c3c26b1e9f79dbf8626f86925cea2f1f0dc8302ad5ca9544466
e38250a24286a63e23ee03aff600d4a35eaf6ad60205aa358514c6f61a5f5969
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8790e50c08d56261ed4900e7282adc4451eb4f34b677ae444d9177c6c2f652c
ea681f855f779432a5b2cbb5ff740b95a533c3731d0d66281c8b03567da00a45
ec92ce4898b64554e8af26eed6b09024f152008f2f64affe6c300dbfbb8f0e75
ef62b1cd6c0c08e5207dd9aac5ae16be906b30b07272d3442aa5b6d229a4e4bd
ef640470ded5f3fcab2c29ab75dad29e4761df60663f7a50829bb010cde0f08a
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f204cc9346d83fef429e0511051aaed84d2baa749b846cc60946c81517da17a3
f4c3223d8ff34087d49e086e3972d0f3c2184c15644d583b802ed6d020345045
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
fcfdcd619a1fd113846b9a98948fd75b0bdfce0665705c4954dda539941e7cbc
fd46dab6d4bbf6444c64c44318834c53d80fcd0547ed1f88a04576d41aa112ca
fd72079e85de3d4af8217c8eecc5c32cec3e04ce713eb342cda01a0e68220287

www.aviva.ca Open in urlscan Pro 23.9.178.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

1103 kBTransfer

3670 kBSize

9 Cookies

14 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.aviva.ca Open in urlscan Pro
23.9.178.244 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1103 kB
Transfer

3670 kB
Size

9
Cookies

105 HTTP transactions
2 data transactions