manulife.thecrown.workers.dev Open in urlscan Pro
2606:4700:3037::6815:512 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://manulife.thecrown.workers.dev/
Effective URL:
https://manulife.thecrown.workers.dev/
Submission: On October 17 via manual (October 17th 2022, 6:25:41 pm UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 22 domains to perform 96 HTTP transactions. The main IP is 2606:4700:3037::6815:512, located in United States and belongs to CLOUDFLARENET, US. The main domain is manulife.thecrown.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on October 4th 2022. Valid for: 3 months.

This is the only time manulife.thecrown.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
66	2606:4700:303... 2606:4700:3037::6815:512	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
7	52.211.12.99 52.211.12.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:1::... 2606:4700:1::6813:844e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.250.104.41 34.250.104.41	16509 (AMAZON-02) (AMAZON-02)
1 1	54.74.40.111 54.74.40.111	16509 (AMAZON-02) (AMAZON-02)
2	54.64.81.80 54.64.81.80	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	72.251.245.181 72.251.245.181	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 2	143.204.215.58 143.204.215.58	16509 (AMAZON-02) (AMAZON-02)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
2 2	52.212.128.245 52.212.128.245	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
96	17

66 2606:4700:3037::6815:512 (United States)

ASN13335 (CLOUDFLARENET, US)

manulife.thecrown.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.211.12.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:844e (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.104.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-104-41.eu-west-1.compute.amazonaws.com

manulife.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.40.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-40-111.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.64.81.80 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-81-80.ap-northeast-1.compute.amazonaws.com

track.rentracksw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.58 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-58.fra53.r.cloudfront.net

ads.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

manulifefinancial.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.128.245 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-128-245.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	workers.dev manulife.thecrown.workers.dev	3 MB
8	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 214 manulife.demdex.net — Cisco Umbrella Rank: 287173	10 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 490	110 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 226	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 756	587 B
2	scorecardresearch.com 2 redirects ads.scorecardresearch.com — Cisco Umbrella Rank: 2407	606 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	53 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 215	710 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	rentracksw.com track.rentracksw.com — Cisco Umbrella Rank: 593891	16 KB
2	mgid.com a.mgid.com — Cisco Umbrella Rank: 20168	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	34 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 343	11 KB
1	omtrdc.net manulifefinancial.sc.omtrdc.net — Cisco Umbrella Rank: 279080	429 B
1	gstatic.com www.gstatic.com	157 KB
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1435	283 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	540 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	204 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1073	517 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 2146	1000 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	83 KB
96	22

	Domain	Requested by
66	manulife.thecrown.workers.dev	manulife.thecrown.workers.dev
7	dpm.demdex.net	assets.adobedtm.com manulife.thecrown.workers.dev
4	assets.adobedtm.com	manulife.thecrown.workers.dev assets.adobedtm.com
2	bam.nr-data.net	js-agent.newrelic.com manulife.thecrown.workers.dev
2	sync.crwdcntrl.net	2 redirects
2	ads.scorecardresearch.com	2 redirects
2	www.youtube.com	manulife.thecrown.workers.dev www.youtube.com
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	2 redirects
2	track.rentracksw.com	www.googletagmanager.com track.rentracksw.com
2	a.mgid.com	www.googletagmanager.com manulife.thecrown.workers.dev
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
1	js-agent.newrelic.com	manulife.thecrown.workers.dev
1	manulifefinancial.sc.omtrdc.net	assets.adobedtm.com
1	www.gstatic.com	www.recaptcha.net
1	cm.adgrx.com	manulife.thecrown.workers.dev
1	c.bing.com	1 redirects
1	www.facebook.com	manulife.thecrown.workers.dev
1	cm.everesttech.net	1 redirects
1	manulife.demdex.net	assets.adobedtm.com
1	www.google-analytics.com	assets.adobedtm.com
1	www.recaptcha.net	manulife.thecrown.workers.dev
1	www.googletagmanager.com	manulife.thecrown.workers.dev
96	23

This site contains links to these domains. Also see Links.

Domain
shop.manulife.com.vn
hopdongcuatoi.manulife.com.vn
boithuongbaohiem.manulife.com.vn
dongphi.manulife.com.vn
www.facebook.com
www.youtube.com
zalo.me

Subject Issuer	Validity	Valid
*.thecrown.workers.dev GTS CA 1P5	`2022-10-04` - `2023-01-02`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-27` - `2022-10-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.rentracksw.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://manulife.thecrown.workers.dev/
Frame ID: AD589DD34CE4F5C84642BA80E157E7A7
Requests: 89 HTTP requests in this frame

Frame: https://manulife.demdex.net/dest5.html?d_nsid=0
Frame ID: 8DFEEF34D53CEDA50EF5A6DF228F6AF1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bảo hiểm Manulife Việt Nam

Page URL History Show full URLs

http://manulife.thecrown.workers.dev/ HTTP 307
https://manulife.thecrown.workers.dev/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha
/recaptcha/api\.js

Page Statistics

96
Requests

94 %
HTTPS

48 %
IPv6

22
Domains

23
Subdomains

17
IPs

6
Countries

3976 kB
Transfer

6538 kB
Size

25
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.manulife.com.vn/bao-hiem-max-khoi-dau-binh-an?utm_source=PWS&utm_medium=banner&utm_campaign=%5BPrenatal_Generic%5D-All
Title: Tham gia ngay

Search URL Search Domain Scan URL

URL: https://hopdongcuatoi.manulife.com.vn/register?utm_source=PWS&utm_medium=banner&utm_campaign=CWSNewFunctions_Apr2022
Title: Trải nghiệm ngay!

Search URL Search Domain Scan URL

URL: https://boithuongbaohiem.manulife.com.vn/
Title: Tại đây eClaims Yêu cầu bồi thường bảo hiểm nay thật đơn giản! Tại đây

Search URL Search Domain Scan URL

URL: https://dongphi.manulife.com.vn/
Title: Tại đây Thanh toán Phí bảo hiểm trực tuyến Tại đây

Search URL Search Domain Scan URL

URL: https://hopdongcuatoi.manulife.com.vn/
Title: ManuConnect

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ManulifeVietnam
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Manulifevietnam/featured%20
Title: youtube

Search URL Search Domain Scan URL

URL: https://zalo.me/3305978929914720825
Title: zalo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://manulife.thecrown.workers.dev/ HTTP 307
https://manulife.thecrown.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://cm.everesttech.net/cm/dd?d_uuid=02842798948331887740983987168700188387 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y02eHwAAAB7rlgN-

Request Chain 76

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5520871624551491158

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDI4NDI3OTg5NDgzMzE4ODc3NDA5ODM5ODcxNjg3MDAxODgzODc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDI4NDI3OTg5NDgzMzE4ODc3NDA5ODM5ODcxNjg3MDAxODgzODc=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOzgae4vn6UZAn0idfXywiw&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 80

https://c.bing.com/c.gif?uid=02842798948331887740983987168700188387&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2DBC9490DBF765AD22DD86D0DA86648B

Request Chain 89

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=02842798948331887740983987168700188387&rn=1666031135170&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D02842798948331887740983987168700188387 HTTP 302
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=02842798948331887740983987168700188387&rn=1666031135170&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D02842798948331887740983987168700188387 HTTP 302
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=02842798948331887740983987168700188387

Request Chain 91

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=02842798948331887740983987168700188387?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=02842798948331887740983987168700188387?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
manulife.thecrown.workers.dev/
Redirect Chain

http://manulife.thecrown.workers.dev/
https://manulife.thecrown.workers.dev/

133 KB
22 KB

1174ms
810ms

Document
text/html

2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17bb36623329a9ba17be4ab8c60d23c025dc29150a44d6c5538b4c72f9c8e6ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 75bb13dc2e607cd3-LAX
content-encoding: br
content-type: text/html
date: Mon, 17 Oct 2022 18:25:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9hnKOXEHZJxbWpm6w665xDDvhWK8bDW%2B%2B%2FU%2B2r8TxSsPxXK01MsbsfKGWc0OF63041QyCZSD7oxY5EvpdZNtKQ0xHC1JE7Q47VtT%2FBqD1wqhwQGnpFOmEuEZWGmK5RUsI3Ev%2FoY01SF1p83RWlQoSo%2FXFPdfoKgMQDHjg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://manulife.thecrown.workers.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js Show response
assets.adobedtm.com/ 311 KB
87 KB 81ms
16ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 94343da2d0669a14e6065bdfeb861bc1327303a14d9c29bbbde2dbef126dc3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:34 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 08:43:57 GMT
server: AkamaiNetStorage
etag: "3bb4b9611b884832d0c3f54c0ffa6ec4:1663058637.978782"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://manulife.thecrown.workers.dev
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 88668
expires: Mon, 17 Oct 2022 19:25:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 243 KB
83 KB 77ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZJ4K6M

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f236267e08c3eb3c1bc4786dc0815ad36f503600cbfb50a95c0824b2dd971f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84373
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Oct 2022 18:25:34 GMT

GET
H2 200 jquery.min.js Show response
manulife.thecrown.workers.dev/etc.clientlibs/clientlibs/granite/ 98 KB
36 KB 277ms
272ms Script
application/javascript 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/clientlibs/granite/jquery.min.js
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a75d918ddd574026d721058790dd07fc7424ad500e3d9f5be856e921be08f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWqY9zrnRaE2G1s21mZQA0oeLbGI6NtbD7e7EMRVrsVWQm6PtBmlKtzQLbR6GOz49SVEU3J8INw6x6nClyHqcisqbGgaVU9X17S2PR76RT2OAQTCKd8cgU9vUYcl4bYAc3s5WjJhb5mss8hSrLliZTGFWIOsqsb3C4jIuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e16ae27cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 utils.min.js Show response
manulife.thecrown.workers.dev/etc.clientlibs/clientlibs/granite/ 8 KB
4 KB 238ms
233ms Script
application/javascript 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/clientlibs/granite/utils.min.js
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06bff916cefa0e2d5595ee421e0e8652f349e85c0a14a6e6921f4368200a9629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKMUq1vtRw1pHEDBTWA%2Bf5a7NFlBuEES8kd2Dp5oodxA4PN6VCcJpKVwUUDTImMwfn9ZZXot7nGR6Bm5GVJZeujTE%2Fyp3cLjSUuRJ78F3gg6CPGj8CVhUG07m4vyimOcTRvA8JHDjEJm8ftOGr4iNX%2Fuj1BkpZeUh0sYsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e16ae77cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-dependencies.min.css
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/ 0
401 B 463ms
458ms Stylesheet
text/css 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-dependencies.min.css
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDtxQTsbGhfcfU2Ot1UnYSjuVq7AOTpATt%2BN%2Fkor9v06yeZ2LoMzEABLlO5BZYimYNxNRfdrfGSBy7IeisKxKqy0PzA3%2BH17PZKvjFu%2F7tcjidzZGvIiSURRCzOw9a9yZFO4hJUOYomWAzGAz6ml%2BI63hY30E6uF5nD3XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e16ae37cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 clientlib-base.min.css
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/ 837 KB
93 KB 463ms
459ms Stylesheet
text/css 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.css
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb1688d5d5f4bce59a2448411dfa2ff37b87f45b48921453bd52cb4e7846909b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4ttIHGl2wPgnUEwZl8l3gxjDfEiDHHlfL7P3g0V%2F4smgis1RRkmQX9LlUSOPOWmNyczuCLhdK613TSHmhiQF7UR8DoobAw51fo2PyNeUvE9N4plQwH0iMV8KtY%2FoN4vDBUYabW%2FDjzRoT4VxMDMpzkC%2Fj7bEsamnBnCnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e16ae47cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-site.min.css
manulife.thecrown.workers.dev/etc.clientlibs/insurance/clientlibs/ 991 B
625 B 275ms
270ms Stylesheet
text/css 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/insurance/clientlibs/clientlib-site.min.css
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d705be584b93839b6ce0a090772dee0c358d0c4fda219b761724d96ead024c02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUNOpOl3qViH1N5HvqgIcdyYEkePPdW%2FbcNZKR2JwPmtS8w47aAi%2FNi4LvmfLBiy6z5DUU78KhTUiGd0KA%2FYTldGWmXEULsqqux8jMeFoe8zHvdsbflIVQPnkQu2oOFAKiqJHNGw9A3npTypevkhUyAOpDJpLLhTbiGUwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e16ae67cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ManulifeJHSans-vn-modified.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 34 KB
35 KB 442ms
438ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSans-vn-modified.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93aeb353f1449ca43fca9fc1f86cc24b0642d163cac57ebc90868bf7ae417a7

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AduoVmmrZVFPnsIpOAkYq941q3JOIXxKMidhxxHmkrNXsM0w%2BHS54G%2BnfTELFNR6wK3Mi4kg1rh1m4AFiQTwDrTfti3AhaDw%2FXEPvLvNk%2BeC0Sa2sFUmucxwxLmOZyLrAoXEYEtvZRl6Cets4J2VBB7S3yicxIk3wV%2FMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e16ae87cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35236

GET
H2 200 ManulifeJHSans-Demibold-vn-modified.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 35 KB
35 KB 299ms
295ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSans-Demibold-vn-modified.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 253b1196689fa4c31d414993d0e5431cf5a7f1f0a5e30a2e6a99eebd2c1dc4c4

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYHQvXWASaI2KR1aoCre5DiATdNh6MJm%2BLe34e7JWWlg6QaWXikxijy8TgW0Yr1puAhMCargUBTZLhS1KftqrHt%2Ba%2BZFL9UNmoaf3DLtUC%2FCeMqzsNHqRMkYqaJcZ%2FPay7AsVAJFRkRX5cuMnCzkA4U3APKJ9%2BTrD6g9uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e16aeb7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35576

GET
H2 200 ManulifeJHSans-Light-vn-modified.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 33 KB
34 KB 442ms
438ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSans-Light-vn-modified.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d121244b899a2c185f8f441777597530f9a4d4e2fc0600fc344b34bff405d9e

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhIV%2FvmjMerM1KTSIsz2vf9cw7vpy4sDHs%2BuwrYuS8p19qPl60gzGSIya%2FjVs0Ydjo96pdFtGwX7XDV9eGwDcuzccKfAfA%2Bg447kZJ0x5RHTzzGQOdfBhfCI51BN%2FPOzjx7SRj6GP7wOP4CrCg%2FFkHseI66ysesuCBKtAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e16aec7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34284

GET
H2 200 ManulifeJHSans-Bold-vn-modified.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 34 KB
34 KB 439ms
435ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSans-Bold-vn-modified.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a3265c12931e6b8cb588022d4e672bf2ac20a53bfbf3c37283da7cbb5d5a6c

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlP%2F%2FNN%2BmQ6ZsF9grR5vrwHBnr7fG%2BefIg%2Br%2FsYFUKYd44QjAgOBD1waE9%2BAEdg6%2FGp20PwTyHRYbYjRp7bklEPHIt6QXTMyYhFcwPsNy3aHYbqRmKT7gWp4YriBpiuxZGs3xr8Pmr%2B3b4QsjWlz8O8u6rYmYwftH50VRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e16aef7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34752

GET
H2 200 NotoSans-Regular.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 20 KB
20 KB 460ms
457ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/NotoSans-Regular.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89638c921a206b987a3308834cf875295ec07d123a2328872c7583855052ea7

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpUJBjCeRuoj4Pap%2FKGSMPa48Tj2MA%2FP4D6FdBe6on%2Bq0SwguHnoWQ8IMk9bKUbDOQZcyJQsgsCrNIH4WbECwfITugQFV3j4rS5LPc6s59M6AnD57dox6%2Bf5F8AzdhaUB4ZxchN7itIHnHU1%2BXjI69mZR0MlwfP3bowuqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e16af17cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20144

GET
H2 200 NotoSerif-Italic.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 27 KB
27 KB 465ms
461ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/NotoSerif-Italic.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54c3a5c62c4a2f95d868125b0da05b9919e800dfeb84497b3010322fafb24c0

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TB64Mrl2yocYtYwxLr8AQbqG0s7B8L0jqmEewS1abFLIDezATdZqz8A%2BVdzlRwTDHW%2FETYLcJ2VwJTAbIlJOtu4yUbJXp%2BU8nab%2FiQTZ2CxLmsKUiaZ48f470%2B1foU%2BjHkkrZKQk0QU7udRxBXsW6IZfQdXqI1NpaLvwUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e26ceb7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27644

GET
H2 200 NotoSans-Thin.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 19 KB
20 KB 466ms
463ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/NotoSans-Thin.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2534365fb225a3d51f0d10935cc7240a2bf9e42b2063dd8a465fc52fd88db669

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hub0ZlWSwWfVMrMyPev81jqT59pxKFATuDAOpJA6IATkVSJsGym3VGvTLclTgiPtKbN%2BV75HMmaeuFRExGswnPm3AUlZ3kvv6AYg0TliUhLp8OaksQhHK6xQYdYVuGXzoI%2B0iTo7tlR%2FU7M0tU5ry4AaYQ0Cg7RRB79NwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e26cef7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19840

GET
H2 200 NotoSans-Semibold.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 20 KB
21 KB 467ms
464ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/NotoSans-Semibold.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e8104c483c014909d2f3e8782ccdbed46bfa5694c85473fd45948ebb7083da9

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FRZ57gWSFTo2aPlAUxbUw14SktjpadAErdzrQvIZyCBvBMheADYh1JGYv0%2F9Y6mhamtcFTCKrEdusMsy0ICXn0snEYtTOUkTGJK94B2tdtZm4xAV5wejvNC4B41sbeEgbzzRHsHC1xcEYYbb9%2Bo3Z5r%2Fn6%2Bf0JD27F2Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e26cf37cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20772

GET
H2 200 NotoSans-Bold.ttf
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 444 KB
445 KB 652ms
649ms Font
application/x-font-ttf 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/NotoSans-Bold.ttf
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c15ac396d2ce6bc33a3b4efacdbd322c9e46376599a725c6f790d8036052cab

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JN3ls%2B3lll6eW4%2FbMgFdpkReDgZnmuGvPKGcpvN7pkOTYsfg6CpAmzfqDjqDPa4YN28LyNGSlQSntP4bhBGWKsZ%2B3UWyEPXfk2Oj5eZUEt%2FqZyuZVJimGoF00JgE1OlYnaBnZl2NdM8FG4IHgs7qdpIUn5wzRwzcAwU27g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
cf-ray: 75bb13e26cf67cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 455164

GET
H2 200 ManulifeJHSans-Regular.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 47 KB
47 KB 465ms
462ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSans-Regular.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 365690660f64c87ecad36962bacce3bb1f810c23697a5d0e52b6a3928ea547ac

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3ZcdRiAtPOC3wfUXkyQRaSJArIEI6SnsbyeGXQgD5EBvqBLK7T7xwnQaU%2Bfn9pvjqxO2pkt56Z%2F6XqK1wgNWhxQNS0Dp7TqdFyM6FowBEGtVe2CO1HBAHBoaNjGiBgsQGQJC9xWSHegjACJPCuIMo0%2BcTbdN7q1%2FGgnJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e26cf87cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48060

GET
H2 200 static-icons.ttf
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/icons/ 7 KB
8 KB 464ms
461ms Font
application/x-font-ttf 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/icons/static-icons.ttf?ikmoi2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1dc7caefe258932c393dd881083efceaa913fb10ca460ed38e8de3a4ab3cfc

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJ02AylUpWyljuCyi0Hy59sUXeYjnOuIsD33RboAr06r9L%2FpVESPpAXrTbGv0390pWBjJ8Z63tJUfdEo36AcsEAeDHoTupKk7XBaZ%2BsIJThSS5BhZawW4QwGba%2B%2BmPs%2F3batxDqJMSzNHCj%2BEiz3IIhgtffyOMu6TL3MMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
cf-ray: 75bb13e26cfa7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7560

GET
H2 200 manulife-icons.ttf
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/icons/ 167 KB
168 KB 461ms
459ms Font
application/x-font-ttf 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/icons/manulife-icons.ttf?60zyhz
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab03c2db688fa8369d90631f16c3ed9971bd133ac9395feed53d6ce3b1724585

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fo%2BNBBvyrA4FHAh%2F5qqwUpDdHoMyNBkVqo%2BWSUWOTDxI0W3CjZ3SQLCpPL11TwzUZhPk8%2BTUdl7YOzh2bwD19tfbyFunqeksQ359cvv3tfd53%2BbJ6qd0RHOXAl13TaJLYYTG5i9fmOfRMhMIAXk6Ijicx2miQhwxnHWQBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
cf-ray: 75bb13e26cfd7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171364

GET
H2 200 ManulifeJHSerif-Italic.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 57 KB
58 KB 479ms
476ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSerif-Italic.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 090e534f1d274d1094f453497779d3c8624839c95b45d2cb8f320b3d9134b646

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9Qgy3nCO1hkWBW6F8iWfgeDH%2BSTB4eGlI18014iRM9pYKcwECTm7HXLw5QLd6SVLI3XW4I9AqbPopZKQSvUSzbwSVVWkYfs78%2Fn3U5fuZz5Y0bPTBxBdKMA1P5JC1JBgufhaZvbP5pvYJm7Yg4%2FNNQiywOgecoD6hqFGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e26cff7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58528

GET
H2 200 ManulifeJHSans-Demibold.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 45 KB
45 KB 463ms
461ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSans-Demibold.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e92ab03190640edfb9979313426abfafbec230fab768df4ed04af7c7369346c

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPqqIpsefylcariW0QX9lOY6rKVaTYA%2BtC7B9CWQ1EKzuhKk%2FLV5cv8U8fAPKcbgVIAAF1A%2FMqoEb%2B5Lr6NH1ky6B906m4UehW5BV41IzhRbiFR3RRZiFrBEArDnknxnXorMuzAIxUSeZ%2FGNesYFJLe%2FuKl95ycWrAMTRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e26d017cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45596

GET
H2 200 ManulifeJHSans-Light.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 48 KB
48 KB 479ms
477ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSans-Light.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6997c672bf19d4b55756470340d139d08d9c136cac66c8012c433b1a34c56dd7

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkMM%2FLz9b%2BJedwge8K9eofsZdTuv8p3M5clHY0WjVfjcIa55tkOkXM9H%2Fv4QyEyf7t1TySQraZc%2FvA5MERpfxATmWE0DRjXI7ZYqkdFtZXd7PdsheqU%2FPeR8fpFZmeDI5qV891YKkxSwr92zahGhud7O03OXWD231GmfZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e26d047cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49020

GET
H2 200 Noto%20Sans%20Bold.woff
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 26 KB
26 KB 462ms
460ms Font
application/x-font-woff 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/Noto%20Sans%20Bold.woff
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4470baa551c40c1f03fc037492ca8662d3243f19b54f7904fc800e9b18ab4a48

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=to1brM00rC8jQjfArL2c%2F%2Fpqpqrvk4U%2BRPzbTKKPBuMt63eN6Aojh0Z4%2BpX%2Bajeuy7egx9ahK%2B2BT04mTwrR2OMTeRAYEcFLp2QW9HxtxoqjtdB7p6TxI5fhix9XNnRt105WJ9MG7DensgcoEO4Kwx7tQOmSA2MkgkiL0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-woff
access-control-allow-origin: *
cf-ray: 75bb13e26d067cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26584

GET
H2 200 Noto%20Sans%20Bold.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 20 KB
21 KB 479ms
477ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/Noto%20Sans%20Bold.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab43738690a4394f3e0d4999950ef6ac97520d2ae63f9ee18f25bf1fcab5da8

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8tY5TIqKadbU7x113znIbb6FUpLxY8NFdjiSfqXHmYmC2JijSiRgHOd3MLVsqQCZlZttu2WHNxLYFtPKsmGhI3qjecVWUyFjEWFOWV8jDXzdi2xR4ngcHzK3fiwLZAv29c7vtZ%2F9GUpSs2lzs4df%2F4OxjVXu2rSgrn2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e26d087cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20704

GET
H2 200 nav-product.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 8 KB
8 KB 347ms
335ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/nav-product.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61ad4c30cefc78d47836b905658f057e2db58b36f5d287b0e863d8deb764d69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHWCahNILvHaVovUHGq4066I2%2BKGbNXYoPd9U3JbkVa4DnxpPyWPwfwgaLO90Y8pPRquDb0RyaYdq56E%2B80nSdSTC1k2OiR3hfllxtglb1OzgbTVY2FJu7wBh1v8fj4%2FxGd8SxMmF5C%2Fezk%2Fo4WPk7gBcJ9hiZXpU12dXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36f7f7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7731

GET
H2 200 nav-product-mob.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 8 KB
9 KB 353ms
342ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/nav-product-mob.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6a70995d64eae8e0fa60c9d534bf892e2f33680e9244c341eff56fb9608d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Iqe62uhlZtlW3KQRH2N1hYln5TnrVvES0Y68BVTfAHvDs4GtqVQHAmnCPTIlGO7%2BQIV%2BXOhbe5WyBBpuaeEHcXA6%2FZh0Y83I0yiFx3Xwl7umlNryV3gjyK1rlsbwZD45zWpHUtdhg3WOTLJ9J0m1TuWcJO2npmZUtORbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36f817cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8408

GET
H2 200 Nav_05_promos.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 5 KB
6 KB 357ms
346ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/Nav_05_promos.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f3488d01cbc1580319faf0d469966e229234e0e5d47824a72ad8db0077eff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8DKhwaCUT19wcgqcEX80BOfW3RLfxS1nvVPR1wW48D22SHFhBKFXWsCSPvZhJ94F%2FAvSFXJB7FsNVDdaoPHeAn%2FOYqz4YRmsDFW88nloYZnU0Yba1AC2juWvfPbK7vvrlYZWEmykP7r9gHKNfOF0SGht1KpIf6EAsqVAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36f847cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5543

GET
H2 200 nav-promos-mob.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 9 KB
9 KB 352ms
341ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/nav-promos-mob.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686a3001f326bdfca93e22cb2276e58c763e0f158e4a1ccd3027c4598e1979b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1c5bNjwrxGCynv8acVp9E4VfCsoOtekZCg%2BY%2Blsp24SN%2BrKgWUUGxI0Hc7ObVyXtWbWeE%2FI3464JYorwdn1pvE01yai5z5acynlorDswiHWdrJ9QbJBw5ZRVDbfs580ujM7NHLdythq0B9CSDQ6pJQ4cbxsE6xaQMHA2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36f867cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9131

GET
H2 200 nav-services.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 8 KB
8 KB 347ms
336ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/nav-services.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 825b4d124129cd1bf6177276a2756274120cd0d0af028523fab206e982602a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZQQNlZAOsSZmMxnErExLFR9nDXO1MgsqQCliIk4Otbt29fAwB1gTn7FIHl5my53TrA6T6gCvE8%2BZDP0%2FitOr6XrVxmkoloHAf79%2BJU1D4fePak%2FzSC9qHpiexzwAgHcL0DAU7V4YxN7vOKn0pJ5e3ieb7p6Zh4LmPo7Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36f887cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7982

GET
H2 200 nav-services-mob.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 9 KB
9 KB 352ms
342ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/nav-services-mob.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4165cf9e810d4c0bdb3af043f6f4f48cee75af21438f075d2c873592ed2f2e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MprAvB1bX21chbZZF15qxpXKmnq6iqx5FW6%2BLkJYxP%2B7%2FxIsj3kZ2cUv9IvOxa89RrVp1c%2Fek%2Bi%2B3IhwmttpnTkwK5s0Zn9a0BRFoKoNt0bwuNbcPJYElT3yaB%2F2%2Ft3JNeUuKbqg3bCjrsiyUJy3triG3Kt8pQcRafILFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36f957cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8717

GET
H2 200 Insights%20nav.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 971 B
701 B 350ms
340ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/Insights%20nav.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb94b07ae871b0a4bc60ff722cc43f0cf328ad7d9805d7ba41a7edb3e0dda478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUY3bK8eoV9ObSqoPiH3nLW27igClE34uRPlzcU9qmnKOoPIcpcTVo5MTMS6b6GjxLjiErI1X%2Bxn1%2FwIiTxEt%2B%2B%2BCHikKKwTa2R83nAvMcFKe5UJixZSmPtqP1UzVT2snVwgIp4SE0FrGOQtt9yh%2BUVTV8%2BCxXp0rxT8qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e36f977cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Insights%20mobile.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 977 B
689 B 353ms
343ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/Insights%20mobile.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ab4c9a0a39de1c9db9381402cb084b98c3d8bfb3d881062b23f55b5a4889452

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDXx7jHxjSG5JcFiqyNTCjTtiNV5GiYHzGr5s%2FaJHfrGSgec6JBRk7M4qh%2F99su9ebs6ZPLzed6EN%2BoHV8Z0oLcD86Qev0VTA2Nsvjb7LrywUAw%2B8AU99XXsdU68kXvj6gOIY%2BeGi5qChNeKgyNNygUkg2UcOOtaHIUhiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e36f987cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 active1_80_white.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/80/ 1 KB
884 B 355ms
345ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/80/active1_80_white.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26621c9ea937a96c2c664fa0eff571e50ddc26d1070b0139a1390b618974baa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q230wkZ9DqYsQgAb36VBl6QUQuSfvxUKGWJwhCA3tXzh6Ai51kdKx2E7MtwksAqntmtD%2BqR1CoTk9tUQqnmwil34L4bt0y1h7PPe9JybRkovzrW2STnMXqq6Jcy0%2Fz%2FryGFmsz1qj15G0Sqr404C33eAmTissi2iehDw7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e36f9a7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 active1_80.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/80/ 2 KB
968 B 352ms
342ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/80/active1_80.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d00d5b77dd0e38eb6f7c30e8c08a7be0a2f2019cfed47d1d0e51f5bfff1161

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpztVePEHrNHBTnc8PrpftmfRDXvRI7MxO0r9Vl9439CTG6TixzUX0MQBUab0%2FcE1hu4tfaibgEGFapWmCxItVwDMr%2B8xFNuua8p%2BJwXIfzdecWoARi8C5cLGFNPjM7ldnc6%2FV%2F8YKG6BT%2BdZoiMA%2B2ITGKg6lt051F4OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e36f9d7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 About%20Us.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 6 KB
7 KB 354ms
344ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/About%20Us.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72bc8b905483ce7eb607415d426f7a5b40bfb6b07f1abcbb8c4c0692c5ebd273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tce3Gst7ggLYsGLeMYm8rP5JJg6wRB8owXagxgiUGzdq64aW381WelcudzDPW%2FW4the7LnubfjZM5zUB3E7IqIbgY5bRxFY3UATywQvIv8Gd%2B6LP5PJgn09AEDILBUiNiVHBYmSF4o4noztoc0nG4iQPUtvGYK7bvd942w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36fa17cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6528

GET
H2 200 nav-about-mob.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 7 KB
7 KB 450ms
440ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/nav-about-mob.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6de2cb2e9827508530b860dbef61b30f2dddd88b59063368ea6a0d2258a35aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sz%2F30Scr2iuyO7vGUhn%2B9%2FFO6HLZYGfSpmcQ%2BCIwFWO8VsKqmsuZJRsodSFx9x3pFaOYGJyUkyyXBxE%2BFxtmnVX730EyDlsQBQh9Hg7qJkRHQeiP98Qx2nr%2BBviKfs1281L%2FrENb%2BDVrHqlYy2obBs%2BFoRq6DCME7N6puw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36fa47cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6843

GET
H2 200 nav-contact.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 5 KB
6 KB 410ms
401ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/nav-contact.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7278c7f6f16ccc29a8563676999e7aac06001d420f4df4d7d4e695e293a9c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1kz%2F3aKtumutGL5a8lJa%2BI4DKj%2Fo26tVFklp0hxCjwuAjAhWgixYyBa7%2BHjpGZAvmk34ac7oTMCgzfSbdNjX%2BhQA9KYlApiomiCLklXNrYnA15lY%2FEzHUavcdZTUgJUXXQvJr9R0ENanUKPuvxohVxFQI%2BPuTxNmCSxCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36fa67cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5446

GET
H2 200 nav-contact-mob.png
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 8 KB
9 KB 371ms
362ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/nav-contact-mob.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49053a8aef210530947a865cd3dc566ed13a973006aad1324692a48cbca8c1cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CM1kYMETvONMUEjK6vpGU%2BNwemMSNpI99bN4719PLNN%2BtI5Nk0ioJ%2FCYgKG%2BdIqIpaDTvgFuIQ7oYLR2ZMU1oGNmF0Grj8gmFpR8FnkUvSPN3IHl%2B4dgn0T87Y%2Fc5cy1LN4PRwdVLxfUlNtOT1VIc9MU6tgpte9xwpV%2BTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e36fa77cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8458

GET
H2 200 Manulife-logo.svg
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/ 3 KB
1 KB 370ms
361ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/Manulife-logo.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99fc68142815ce8a705285672571f5c689ce4f67c4fb7bb94938e433372db49a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsDurwMjF2FLjITz6R2CBBfnEhYGVqLj%2FlB7v%2FNOtQ5J2CLxukLvdxKRk3QMQ36PwASgHvjF8JSDLCuRkNvfF9%2Bcqh%2FAGPbs4TKujvroaMyqnTK9Al8ki87gNYoKXN3ZQ6vzl6nW9%2Bm7VjGiqLC5qN1xUQqEwKWzVIKv0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e37fd27cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Manulife-logo-mobile.svg
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/ 5 KB
2 KB 354ms
345ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/Manulife-logo-mobile.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c3341af33ae17a2624a98d7104dfa22c5a684ee256445501b3e331291a02de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s87TDHmjYoZ38sCH9YbepR%2BUYM66gDltncT0N6%2FeWNgg2deVZwrjwlgGbVrl%2FoIMgohw1zpGAH8Ls9n1Aa7R%2BcwB5CxEeIjpSLE8wxSx8LwKeGjq3qgyq8S8vLNw1eXFCWhCi%2FyC%2FW6aGeRnAJ%2BbT%2FJcvOTAgTMnOvkTSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e37fd67cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 logo-white.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 2 KB
1 KB 353ms
344ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/logo-white.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dcc97d257f5d4801d95f5608a93a24c1f2ec7268a8690798b2a5f4e9e53a818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DipIeejLLmhkiyMiQaLZ4ZkTAJ7tRUz6IUA4DYGSXx%2BJc4umvWs%2BIbc0lCT3lWZ52LijMuyLeEZLAjQJP7rRFcg9xGMrZkjlY62zzvsK9R5h%2BOSd0mFev%2FtatViEM7SNobA8hQYVqC7Acnk4xrd60rp9UxpSoxa5CzJsDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e37fd77cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cq5dam.web.1280.1280.jpeg
manulife.thecrown.workers.dev/content/dam/insurance/vn/images/move/PWS_Desktop.jpg/jcr:content/renditions/ 71 KB
72 KB 370ms
361ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vn/images/move/PWS_Desktop.jpg/jcr:content/renditions/cq5dam.web.1280.1280.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fde05be6a80b0cc628454e88f371f34891cb4ba1f70bd357c1bb105df53fa34f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GYa9kKlcJBb7ZGZQZjCWrTGoTDoy8HwFTsz5vF63a8eDZPcE0PlW4BiBEFhXuPgsksvY9A0H5zIKnsab98IMb8xGqhaDN3s5%2BFZ3BM9bDk75nkt6D%2FK5ITNS4iBjPdzldlaTU2hB5bNh5CTB9JZr26x7SVWW1jA94sOmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13e37fda7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73076

GET
H2 200 cq5dam.web.1280.1280.jpeg
manulife.thecrown.workers.dev/content/dam/insurance/vn/images/move/PWS_Mobile.jpg/jcr:content/renditions/ 56 KB
57 KB 352ms
344ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vn/images/move/PWS_Mobile.jpg/jcr:content/renditions/cq5dam.web.1280.1280.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 050d5ae691e3be8f8cd9459a91e96b553d6fac0fa95e4581fb5c418ddb49d2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZNGdUX4qCHpHQO%2FprHABvNcPg0tU9uKqtofPdyY75qmDix63RltSUQ35R7rmADAtGSoV9GcgeZ8ODOyxF894gSL857XN4S1N18j3w2zdBoiydVKGweYYP53dFUCduoXOVVRH8CeVJMGJl%2Fmoa6ckjfAxDqVKS0qUVrZMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13e37fde7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57490

GET
H2 200 cq5dam.web.1280.1280.png
manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/prenatal-desktop.png/jcr:content/renditions/ 772 KB
773 KB 449ms
441ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/prenatal-desktop.png/jcr:content/renditions/cq5dam.web.1280.1280.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee3b3259174484d4d92f0f7183ffa718e1f11b8aac1502dc9802e6fc44ca1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjP0TE4vBobpAPmo0kUR%2BYRqQtTPN41aw8NFGg81ruwn3ajbqKxX03wCrjWtOnlXnl6mrhjhhG009tj3VE0NAnEMKeTSMsuSdUlPg6xJrz1YwluM0H6Kg9t7UrzcYObsL0hyh5BPhuOchGp4WxTzH2u%2BiMZD9Z%2Fo9yOrjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e37fe17cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 790216

GET
H2 200 cq5dam.web.1280.1280.png
manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/Prenatal-mobile.png/jcr:content/renditions/ 213 KB
214 KB 410ms
402ms Image
image/png 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/Prenatal-mobile.png/jcr:content/renditions/cq5dam.web.1280.1280.png
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568d0bdcb86607b826099ea009ebf73a4f16256c5ddd75705c2e0a7ea792c145

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0hZRQIOyMwZ0zJEhz1EEdI%2B1YUYfQMf3dFiTiIuIlV3p5WuhMVbFXCoOWMob5puV58u0BfZ3ky4l4i39p16pAh18d7pZs6tlUQmgXsPRFpxPdszzr%2FmUlW0X06pwk8%2FyaXV9xlzGBgYazPAY2BsMUTCJlJSKHngU9Yq6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cf-ray: 75bb13e37fe67cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 218229

GET
H2 200 cq5dam.web.1280.1280.jpeg
manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/cws-new-function-pc.jpg/jcr:content/renditions/ 144 KB
144 KB 411ms
403ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/cws-new-function-pc.jpg/jcr:content/renditions/cq5dam.web.1280.1280.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6fd0a7d868e8ed3ddb6fb8acc35659a857f070acda0d504ff0f2e41173e7f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ka1nCGOiP92XGerf%2FLs0N7YcIPFUK4aXr1CIYwxByiTcjlbzyvPryB8UguDzmcilCf9F5LShRwUEbY%2BkAlEyYH4jfDd%2Fnpy3VsiFrfnk0qIq9L4g%2FFim6UuT4IMZJW%2BXEu84qZFEWcMEzPDMNmtBFSuYCwfUPNulqoiQhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13e37fea7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 147076

GET
H2 200 cq5dam.web.1280.1280.jpeg
manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/cws-new-function-mobile.jpg/jcr:content/renditions/ 90 KB
90 KB 351ms
343ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/cws-new-function-mobile.jpg/jcr:content/renditions/cq5dam.web.1280.1280.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e529ff3cc48e454e62091b78b2a7a9faf2c71d9a7fc68f112ce643b1236908ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7FNbsOiWcKwSvYIvmJDMfk57AVn5V6aSDwcQETLAinpMyxkNeiOr0fbqn%2BnjWlfDieQVensV0rJwkr2RCknH8Vt2agrO8hN2G8xRhwtEkuGWNX%2FqdxQuhCgXCPRQ68wdOyuTC7m0OVxYA7rW9V%2FPfpjh%2BOq7ymtqDzYKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13e37fed7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91960

GET
H2 200 cq5dam.web.1280.1280.jpeg
manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/momo-bic-desktop.jpg/jcr:content/renditions/ 121 KB
122 KB 410ms
402ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/momo-bic-desktop.jpg/jcr:content/renditions/cq5dam.web.1280.1280.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4d4376ed96154511707200f76a6cd524abc389aa11407e82867f0c1bd07d20e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXTfS78xxuOAbD0SR5XZW39a%2FD8XAwaSsKElgAhoLZyU8I9UmehYHJqApWYebtLpMxFsRq2gGi72mWXWKTgVm5d80THA1upxMcxBSBPo3rmmXEDQdC2VtR%2BplcZEO96cqQjVXCi13P86AwbVxm1bGqCBHoA5MNYFehFFZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13e37fef7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 124265

GET
H2 200 cq5dam.web.1280.1280.jpeg
manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/momo-bic-mobile.jpg/jcr:content/renditions/ 58 KB
59 KB 353ms
346ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vn/images/carousel/momo-bic-mobile.jpg/jcr:content/renditions/cq5dam.web.1280.1280.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee7adbe0f6bd7ee5892db2365382985f7f8630c20b9718de601a3cf06a28869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpUJp2IOPP4QeXD512hVKcTA1mi%2BaNRKCgxsYeqXkoOr5DUDQ7ka5XgZHUdFTkyFfu7RszjUxn1DVBJfB%2Bm7LcJ8CS089QJ7yiJAEz3%2F8KOVHw%2BbM1nx3YYmHecjr8pQnHJYMj3QXlpn%2FO60g76xioGpG05fApYSoom0kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13e37ff27cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59810

GET
H2 200 dn-form-check-up-30.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 499 B
597 B 448ms
441ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/dn-form-check-up-30.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6135f41bab6df448c15af0becce481e802565d67105c638509e8d49befd7b188

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWGpqXCnUp%2BUeqOwroyG%2BTz7rpV1zP6QqymV3nsdVrYUedW0CFWwKtkoxVOeHU3qi1loglMonztDJFugxvzOeE7c5X2Kb%2F42QZn3xDw4r6noeP8WTRVMeEguarefmZY4q8mlJYcfAeuGCfPhcippoZTylCzk41MsiJT6TA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e37ff47cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Product_01.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 2 KB
1 KB 351ms
344ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/Product_01.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fab4f46650dc8899bf18ab73f28d41d7b7094be66c8dbd8d78020a7aec47f5e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8aU1zd6eS6oP8gdzDVz5%2BDnsu9IGgETK%2BO%2BCTqQhoScRi4dWOWLbp3j59aO5LAlH4TZdKkkkKFQSdWdL%2BMwKvnCG90dtzhYvv1mDhnZM%2BWwVofWYYrQfHoF0l%2FsKOIujpj1qq%2FmqVZ%2BQhQgX0XU0j%2FtJl9kseKEZn9xaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e37ff97cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Se_05.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/ 2 KB
1 KB 351ms
344ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/Se_05.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ccbd69f31ab96cfdca1abf2f10ec61a25cad7baa19a33485fcdcd3c54409d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZHzbLyezrXJbYr6mSpEhVqiBD%2BttJivX%2B0GkaA4GIvLczhN%2FAjZ7Knr9DsClmvY6%2Ffuz1U8S4cc%2B5HTURnxMPyQTrW62lhYO%2BZup1WZXKyXxK%2FXTDFCt7E9FdnjPP3a1yNWVFaRzUGZLdjzjqq9dEsjmCYs7s%2BuI9SP5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e37ffc7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 i-facebook.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/social-media/ 2 KB
958 B 352ms
345ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/social-media/i-facebook.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5254ec23bbf174bee99ad0dbef921f9f7bcd5d1f1cba4f6b93ad023ce3e7b018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2XXcqySx2MCzw4HbEPunpzU2PyYJ%2Fjw2Py1RMkeRDS93mfTCHsOlbCZVuajUadACD69jNpHTrAYeuACHtcn2surNYgg3iIeRgoeu2kzf1OPNvjOuyRwCjt9%2BMKadDSWEQsp8qgmDwEqt336j9dgdYLS6vMGB5RZJNo7Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e37ffe7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 i-youtube.svg
manulife.thecrown.workers.dev/content/dam/manulife/img/icons/social-media/ 2 KB
1 KB 474ms
467ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/manulife/img/icons/social-media/i-youtube.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc55d554e9b60306e9048b578e324c3298a28515fc5f9c3f51b75ce7bf9f368a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbqvOpgWaTvvZmoiGvqMSQGXUXxLW%2FT5Osbu2ivsvZyJ7Z7eKDY82UZLSaXdWx435fslki4fgPJ1AQk3uR3DbAr7srrUOTt5q%2B5KrwCSKqCeuN98vsClywBQP%2BkPDBsUmarTyC3n9q8ytIKy2eFBJje%2BtmAWAZGz8dOXxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e378007cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 zalo.svg
manulife.thecrown.workers.dev/content/dam/insurance/vietnam/icons/ 2 KB
1 KB 367ms
361ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/dam/insurance/vietnam/icons/zalo.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ae3f088395792f2d0ff86a62a222e542915b9dd92cb88a880ae69138d7c904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvrjXgiHDBAsArkdegNwdhJKSTCpr4iBsOPShFL%2BB7MzSV8E3xpnyRQl%2FGzaUh8pdrPoOV2qGyM77qXnXC0DdN0VX8AaQ7YJkHh7xCFg8hHkMwdpKVFR1FKkPskcA8ss4%2Fn8Up%2Bmlzn6uzSAhnn%2BK0TbUmqP38dyEF3%2BkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e378037cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sublogo-mobile.svg
manulife.thecrown.workers.dev/content/experience-fragments/insurance/vietnam/footer-exp-fragment/master/_jcr_content/root/responsivegrid_247502717/responsivegrid/image.coreimg.svg/1544512007810/ 2 KB
1 KB 349ms
343ms Image
image/svg+xml 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/content/experience-fragments/insurance/vietnam/footer-exp-fragment/master/_jcr_content/root/responsivegrid_247502717/responsivegrid/image.coreimg.svg/1544512007810/sublogo-mobile.svg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f353dbff2d36745685d0a144e990ce577f3dd5734bbf4d19bfdece5b956cf308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1HWuBYvUM1tbUE%2BNIlpyO4g9FnHXWK%2F49f8tyhumg11Ow1LFbAt8F8K6HUIuLHhKslWGWZZoZj0snRuEzusWKvVZ0KDtHt0rO534X6B%2BZl%2B%2BHzUIifCXLHE00cI3hvspU6KpEmiN%2BIVrpZiBrUFb9gcHvjJfCPnDdn%2BQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 75bb13e378097cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-dependencies.min.js Show response
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/ 235 KB
82 KB 373ms
362ms Script
application/javascript 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-dependencies.min.js
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07155360c4c291a2124e6b4f1ff19556feb57981b956d5fed9904d69644938a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfRVCJ9PV9cdmHF7F9Zaf7N2vV4UpxBc5vHHokyuwoKRzjYyu1utfQgOuOyQ44gtRJASgEQXW7jWATHeH8tUgA4xMx784xArqWst%2F2MwXjCeXk6n2XP0jHnGFTVGLsWVzaJpnIcE8s7eHtteogPUEYz77ERB8pvmj2922w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e35f647cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-vendor.min.js Show response
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/ 111 KB
29 KB 354ms
342ms Script
application/javascript 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-vendor.min.js
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6558520c219c3064173e30056121aeb6f1dcee1c74ceb666c8204791b373cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88EXSTi8kMNPXOqB%2Fk5ducoaH%2BvLrbhPyDJOtvqHLMkThaD8X2ffiEZecJQ5v4QIt%2FISpAYS1hCkhx2TSCpX8dfvFvsvcFxptfPAXUYOaOsvgCNnPed8tb5xLhQiJXUdOM6GXJFLSliRMNoAhWedy%2BAh2gJ9LBw7IN8Ugg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e36f777cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-base.min.js Show response
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/ 700 KB
192 KB 357ms
345ms Script
application/javascript 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.js
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f906edf515d5bece441fb103b86810818728d7220f9ffa4b64027fab22812ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6H1pop%2BYk7ksEXEIVPli88DVq1M1eU6yJr0%2BQfr%2BdCZjQlPTnIAalelM8rDJVlpaTW9tLaEbSrtWAT0LXWk4zL2kWCVLpFIEeynvnFxXR8m96AA%2Bj4geWrJ7nYZSZNS1LKpzTmylk5YR77mNdSTpm%2F1xrk6daX6blf2rJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e36f7c7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clientlib-site.min.js Show response
manulife.thecrown.workers.dev/etc.clientlibs/insurance/clientlibs/ 0
428 B 353ms
341ms Script
application/javascript 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/insurance/clientlibs/clientlib-site.min.js
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCdgRdXGGEN7kPOKHI%2FXjUPFj79jlRVJGL68ymuvgJmA4XTOPm0pTB9XvI%2BF8Y04bpbYnkIB79M%2BHbFxgFPyCIeeZ6u0tHI0KXLR9hws62QzK7WT1yzFCB4m6iwcIUo7VFMmL1Bb%2FKD5hBvsJjlieUs1MfdkvzxadLrKiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cf-ray: 75bb13e36f7d7cd3-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
1000 B 188ms
63ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?hl=en&render=explicit&onload=onRecaptchaLoadCallback

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73936dd49f66c6ae894648f18fd5e742b0c0940894c8ab5ef489847bebc75573

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Mon, 17 Oct 2022 18:25:35 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
2 KB 213ms
46ms XHR
application/json 52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=37B127E253DB11F10A490D4E%40AdobeOrg&d_nsid=0&ts=1666031134973

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

90bb4e4c5c5ab1cb14ef55c27a67b95fc47c0c499cc541d96415dff2503362e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://manulife.thecrown.workers.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v044-022c8a2e6.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: bEY/ZAF2SOM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://manulife.thecrown.workers.dev
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 718
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 33 KB
12 KB 24ms
18ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "820eb42f3120ddf65e303b24a8285815:1634593036.305122"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://manulife.thecrown.workers.dev
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12200
expires: Mon, 17 Oct 2022 19:25:35 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 3 KB
2 KB 25ms
19ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://manulife.thecrown.workers.dev
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Mon, 17 Oct 2022 19:25:35 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 25 KB
9 KB 26ms
21ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "66be6e24d6b0c77126d28b9abcd4eb38:1634593036.81505"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://manulife.thecrown.workers.dev
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8761
expires: Mon, 17 Oct 2022 19:25:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 138ms
18ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Oct 2022 17:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4178
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 17 Oct 2022 19:15:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 142ms
20ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Oct 2022 18:25:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 27029
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Wn9Qgz4zvsp+NKkvtry6I0u2Ay7Fn0eIMzJD0bvO8z3rX6HWnTSNXhj3fncwILLGcFl9KrWDR4J96TZMps6goA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 15 KB
5 KB 259ms
136ms Script
application/javascript 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1666031135026&source=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZJ4K6M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: cbe45eb4-1ceb-453d-ab94-f6309b53ec1d
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 75bb13e3ad4b910a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK dest5.html Show response
manulife.demdex.net/ Frame 8DFE 7 KB
3 KB 308ms
70ms Document
text/html 34.250.104.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://manulife.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENb9d69a076d1e47f1903a1c7fcf793edd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.250.104.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-250-104-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://manulife.thecrown.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v044-0f1bb4e60.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /6boQRxYTQA=
content-encoding: gzip
date: Mon, 17 Oct 2022 18:25:35 GMT
last-modified: Mon, 17 Oct 2022 12:35:30 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y02eHwAAAB7rlgN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=02842798948331887740983987168700188387
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y02eHwAAAB7rlgN-

42 B
942 B

52ms
52ms

Image
image/gif

52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y02eHwAAAB7rlgN-

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

HTTP/1.1

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-077cfb62e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zLP/M4waTwc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y02eHwAAAB7rlgN-
Date: Mon, 17 Oct 2022 18:25:35 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 rt.sdk.js Show response
track.rentracksw.com/js/ 1 KB
1 KB 765ms
236ms Script
text/javascript 54.64.81.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.rentracksw.com/js/rt.sdk.js?type=multi
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZJ4K6M
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.81.80 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-81-80.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.35 /
Resource Hash: a46c212fbcf18e685389984b94d4b17c2c95820ae13f375690b6b63ceb440908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
last-modified: Wed, 08 Dec 2021 07:04:06 GMT
server: Apache/2.4.27 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.35
accept-ranges: bytes
etag: "4a7-5d29d187c3709"
content-length: 1191
content-type: text/javascript

GET
H3 200 1836692286580354 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 80ms
56ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1836692286580354?v=2.9.85&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1cbfc17a5381bba66a543b0f1663062f6ea31d110310af5333876c7036ad6dd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 17 Oct 2022 18:25:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: aNilfL/wLDVqj+CHtQgGc1f0z0HbsdpHS7VvqWsdxRtUB2KtOf5EBTjon+8dWN9ZWk+Jnp7pm6d2OdSO+U6kNw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
207 B 186ms
146ms Image
image/gif 2606:4700:1::6813:844e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=612438&type=c&tg=&r=https%3A%2F%2Fmanulife.thecrown.workers.dev%2F&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1666031135441
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:844e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75bb13e4dd13697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 143ms
38ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1836692286580354&ev=PageView&dl=https%3A%2F%2Fmanulife.thecrown.workers.dev%2F&rl=&if=false&ts=1666031135457&sw=1600&sh=1200&v=2.9.85&r=stable&a=tmgoogletagmanager&ec=0&o=28&fbp=fb.2.1666031135456.1724218359&it=1666031135370&coo=false&rqm=GET

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 17 Oct 2022 18:25:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 manulife-icons.ttf
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/icons/ 167 KB
168 KB 506ms
505ms Font
application/x-font-ttf 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/icons/manulife-icons.ttf?3jjwc2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab03c2db688fa8369d90631f16c3ed9971bd133ac9395feed53d6ce3b1724585

Request headers

Referer: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.css
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0HaJIvBolLJnQwPyx8YSpC%2FirZV6huE9QZx%2BvCewS5bgUOo2i4xKmo0qRpUYag75LoALtk742VwWSKXW3%2BypNTahzOYajcVf3k0E9Skq2PE23qdDx3%2FxmecddeUN1UFpU3z5mF5ToCwyFLPmcxITuuLoUgb%2B1ofMjnrtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
cf-ray: 75bb13e61de07e50-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171364

GET
H3 200 ManulifeJHSerif-Italic-vn-modified.woff2
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ 43 KB
43 KB 1101ms
1100ms Font
application/octet-stream 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/ManulifeJHSerif-Italic-vn-modified.woff2
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c97be647c6d0ffe950f7f885e64c6d6e221fbd9c61cba1f75bc19791dc0043c

Request headers

Referer: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.css
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mC3drPOXCpGgcku%2F3E%2FRp3L4oM3qmktAfX%2FG1Esq32BRfNgT6S6DbmckAOPZs5fR%2BKXUYhizqb279byng63NCgSkdh4ZRXujhzt73Dkq%2Fn%2Bix57LfOXZMY%2FXB28BwM7FrkeJIWfUm7kHOWINKMCQ8546BnE8XS0bLaHfZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 75bb13e61de17e50-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43944

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=5520871624551491158
dpm.demdex.net/ Frame 8DFE
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5520871624551491158

42 B
942 B

41ms
41ms

Image
image/gif

52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=5520871624551491158

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

HTTP/1.1

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-016996127.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 5seiSkaZQLE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 17 Oct 2022 18:25:35 GMT
AN-X-Request-Uuid: ec8b95cf-595d-4819-be70-f6ff80db5ce9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=5520871624551491158
Connection: keep-alive
X-Proxy-Origin: 146.70.117.78; 146.70.117.78; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 static-icons.ttf
manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/icons/ 7 KB
8 KB 307ms
306ms Font
application/x-font-ttf 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-site/resources/fonts/icons/static-icons.ttf?r0zl90
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1dc7caefe258932c393dd881083efceaa913fb10ca460ed38e8de3a4ab3cfc

Request headers

Referer: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.css
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOtVgBZTT3v76Jf8Ca6blMIhJIOdaweqAQ%2Bpi3LytqoXd9OQd0yuo0UOi%2BtxsZfrTubWSnAXBymrST1u9m5JMaGPRo8Q%2FbN68fASFmexpsTrqYHNtM5ZYZNWGsIw1XXibzVGuzSF%2FcWi%2FHmFFn7jiZP1bTjhnDvtrPRUww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
cf-ray: 75bb13e6fefc7e50-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7560

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEOzgae4vn6UZAn0idfXywiw&google_cver=1
dpm.demdex.net/ Frame 8DFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDI4NDI3OTg5NDgzMzE4ODc3NDA5ODM5ODcxNjg3MDAxODgzODc=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDI4NDI3OTg5NDgzMzE4ODc3NDA5ODM5ODcxNjg3MDAxODgzODc=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOzgae4vn6UZAn0idfXywiw&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

42ms
42ms

Image
image/gif

52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOzgae4vn6UZAn0idfXywiw&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

HTTP/1.1

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-057fd01b2.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: n9QMuJknRyw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 18:25:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEOzgae4vn6UZAn0idfXywiw&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 token.json Show response
manulife.thecrown.workers.dev/libs/granite/csrf/ 2 B
460 B 831ms
830ms XHR
application/json 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://manulife.thecrown.workers.dev/libs/granite/csrf/token.json
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFbnjdN6PYpqSJn3TawdKLCcATdnJhgRB9XmidDfQp4IxSRwN8IH%2BMpGwMu%2BL46Eiva%2F3iAcZCBpYmO2yPlkiY8LvKrNncx%2FWIYU7mYKhLvIg8aOnnadUNwAzts4jkGoksVpn8%2BIuXvkN8L%2F805sLCP3wl1YQG05GnRJhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 75bb13e8291f7e50-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=2DBC9490DBF765AD22DD86D0DA86648B
dpm.demdex.net/ Frame 8DFE
Redirect Chain

https://c.bing.com/c.gif?uid=02842798948331887740983987168700188387&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2DBC9490DBF765AD22DD86D0DA86648B

42 B
942 B

87ms
86ms

Image
image/gif

52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2DBC9490DBF765AD22DD86D0DA86648B

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

HTTP/1.1

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-0d06541aa.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mchWBe8eTD8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 17 Oct 2022 18:25:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FAE85F4BC7644EC7809E534A7B75871E Ref B: FRAEDGE1113 Ref C: 2022-10-17T18:25:36Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=2DBC9490DBF765AD22DD86D0DA86648B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 rt.all.jsx Show response
track.rentracksw.com/js/ 15 KB
15 KB 237ms
237ms Script
application/javascript 54.64.81.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.rentracksw.com/js/rt.all.jsx?type=multi&t=1665878400000
Requested by: Host: track.rentracksw.com
URL: https://track.rentracksw.com/js/rt.sdk.js?type=multi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.81.80 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-81-80.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.27 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.35 / PHP/5.6.35
Resource Hash: af02dc9e4df3d3bb90f2ea91bb46a0ef709f0c8a00110e26750fd43c01254dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: cache
date: Mon, 17 Oct 2022 18:25:36 GMT
last-modified: Wed, 08 Dec 2021 07:04:58 GMT
server: Apache/2.4.27 (Amazon) OpenSSL/1.0.1e-fips PHP/5.6.35
x-powered-by: PHP/5.6.35
etag: 9e93d9c8a198f7813d428be0da631301
p3p: CP='UNI CUR OUR'
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 24 Oct 2022 18:25:36 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 992 B
2 KB 91ms
36ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/etc.clientlibs/coremfc/clientlibs/clientlib-base.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afb565bd3ab9d35050ad68dc0b0c0982e9978a4a135bafaf7e4a8d733a348c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 17 Oct 2022 18:25:36 GMT

GET
H2 200 bridge
cm.adgrx.com/ Frame 8DFE 43 B
283 B 133ms
26ms Image
image/gif 72.251.245.181
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=adobe_aam&AG_SETCOOKIE
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 18:25:36 GMT
server: Cowboy
content-type: image/gif
p3p: CP="NOI OTC OTP OUR NOR"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx: ams-delivery-8
content-length: 43
expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 392 KB
157 KB 61ms
15ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?hl=en&render=explicit&onload=onRecaptchaLoadCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://manulife.thecrown.workers.dev/
Origin: https://manulife.thecrown.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 12:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159789
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 12:13:57 GMT

GET
H3 200 cac-loai-bao-hiem-cho-ba-bau-tot-nhat-ve-quyen-loi-thai-san.jpeg
manulife.thecrown.workers.dev/vi/_jcr_content/root/responsivegrid_1841728991/responsivegrid_23935_1714543101/responsivegrid/contentteaser_723587.coreimg.82.500.jpeg/1610759662754/ 17 KB
17 KB 465ms
463ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/vi/_jcr_content/root/responsivegrid_1841728991/responsivegrid_23935_1714543101/responsivegrid/contentteaser_723587.coreimg.82.500.jpeg/1610759662754/cac-loai-bao-hiem-cho-ba-bau-tot-nhat-ve-quyen-loi-thai-san.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df89e9be8203b3c36b94347fe6d08d84449d9af531c3eb551ec8716567ffe68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhOhUaxnq%2FkeGK8LL90XFmXerAAVdfOWwfJRMsY5QM4ghpdBWla%2F0HI9ROHL2miQUlb2ZfQNs00HVyQeVKUqU9Vc52BIgETWiA%2B5CE5QLI97jdWF71K2GRpxNbpZkBEfcG%2BEarviyFZHh6hyz6UiLMK9Vmu0Dyskf0NdIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13ea6c617e50-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17057

GET
H3 200 mua-bao-hiem-nhan-tho-nhu-the-nao-cho-dung-va-du-buoc.jpeg
manulife.thecrown.workers.dev/vi/_jcr_content/root/responsivegrid_1841728991/responsivegrid_23935_1714543101/responsivegrid/contentteaser_copy_c.coreimg.82.500.jpeg/1654077606836/ 35 KB
36 KB 484ms
482ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/vi/_jcr_content/root/responsivegrid_1841728991/responsivegrid_23935_1714543101/responsivegrid/contentteaser_copy_c.coreimg.82.500.jpeg/1654077606836/mua-bao-hiem-nhan-tho-nhu-the-nao-cho-dung-va-du-buoc.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a409d59346a1b3f0fb3e7c6aa7c983d4118364d4b57dfd3a37e9c4f870aaa18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bWyipVMCvnH%2FLJxmeFPPAu2f3gUOv0e0k9dBczcA5tDT4AMIQY1qlpZv%2F7yqYNUoFymkbCRP5V6AkCX6fQx%2Fw5K9G%2BH4l%2BFI0CEoN8opYPhY6gVqsFyifVkymKtJR8szjpmzPCImRtLoQCQ8HwI17dWV0vMDZJa25mDlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13ea7c647e50-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36211

GET
H3 200 meo-tiet-kiem-5-ly-do-tai-sao-ban-khong-the-tiet-kiem-tien.jpeg
manulife.thecrown.workers.dev/vi/_jcr_content/root/responsivegrid_1841728991/responsivegrid_23935_1714543101/responsivegrid/contentteaser_146334_720282310.coreimg.82.500.jpeg/1610759325070/ 28 KB
28 KB 512ms
509ms Image
image/jpeg 2606:4700:3037::6815:512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://manulife.thecrown.workers.dev/vi/_jcr_content/root/responsivegrid_1841728991/responsivegrid_23935_1714543101/responsivegrid/contentteaser_146334_720282310.coreimg.82.500.jpeg/1610759325070/meo-tiet-kiem-5-ly-do-tai-sao-ban-khong-the-tiet-kiem-tien.jpeg
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81a7501e213a6ca29d289010c68c1af906a445ac45d515ed4c39f5a953a017ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:25:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dm6Cm43xzrbqs1ZWWQ0JoZ%2FBvloG06lTVa%2Fo6WoITI4AUvOVl4X%2BSKHiUF6B1gj3fb11XlKqxICBbMu0FVpL12U8r3rL6FN%2Bgq2s%2BtzfPQjALiOUqE6daVtw%2FydRNB2%2FOX088kJwRHUqtvJwXMftgOOqyhM8ep8eu5Vi8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cf-ray: 75bb13ea7c677e50-LAX
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28505

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/1f77e565/www-widgetapi.vflset/ 157 KB
52 KB 49ms
15ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1f77e565/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc183a3b8afd5ba661c8f21b7dc87b22b2b7b6266b10a238334777964d9efcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 18:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52749
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 00:21:58 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 17 Oct 2023 18:11:57 GMT

GET
H/1.1

200
OK

ibs:dpid=73426&dpuuid=02842798948331887740983987168700188387
dpm.demdex.net/ Frame 8DFE
Redirect Chain

https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=02842798948331887740983987168700188387&rn=1666031135170&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D028427989483318...
https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=02842798948331887740983987168700188387&rn=1666031135170&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D02842798948331...
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=02842798948331887740983987168700188387

42 B
942 B

53ms
52ms

Image
image/gif

52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=73426&dpuuid=02842798948331887740983987168700188387

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

HTTP/1.1

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0c22dc413.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: q4PBVVn6SXg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=73426&dpuuid=02842798948331887740983987168700188387
date: Mon, 17 Oct 2022 18:25:36 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: 78Suy8ZEx2qReBilnWOSvDE_LVGGdeM8ciq3s9N8tIm5gWuhQyGHrQ==
x-cache: Miss from cloudfront

GET
H2 200 s21926175344079 Show response
manulifefinancial.sc.omtrdc.net/b/ss/manufin-manulifecomvn-stg/10/JS-2.22.3-LCUM/ 117 B
429 B 577ms
174ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://manulifefinancial.sc.omtrdc.net/b/ss/manufin-manulifecomvn-stg/10/JS-2.22.3-LCUM/s21926175344079?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=17%2F9%2F2022%2018%3A25%3A36%201%200&d.&nsid=0&jsonv=1&.d&mid=02860129431592213660985790594356925747&aamlh=6&ce=UTF-8&cdp=3&pageName=manulife.thecrown.workers.dev&g=https%3A%2F%2Fmanulife.thecrown.workers.dev%2F&cc=VND&server=manulife.thecrown.workers.dev&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v16=https%3A%2F%2Fmanulife.thecrown.workers.dev%2F&v18=B%E1%BA%A3o%20hi%E1%BB%83m%20Manulife%20Vi%E1%BB%87t%20Nam&c37=https%3A%2F%2Fmanulife.thecrown.workers.dev%2F&v75=02860129431592213660985790594356925747&v193=%7C%7C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=37B127E253DB11F10A490D4E%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

374dbe6b75a63c8f041fef41f925bdc57e1f0808f7340950da237baec9b14ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Oct 2022 18:25:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Oct 2022 18:25:36 GMT
server: jag
etag: 3577774622856970240-4619984472453890154
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 117
x-xss-protection: 1; mode=block
expires: Sun, 16 Oct 2022 18:25:36 GMT

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame 8DFE
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=02842798948331887740983987168700188387?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=02842798948331887740983987168700188387?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
960 B

41ms
41ms

Image
image/gif

52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Requested by

Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/

Protocol

HTTP/1.1

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-020c6b503.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zsT6Vp1BRvw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

expires: 0
pragma: no-cache
date: Mon, 17 Oct 2022 18:25:36 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control: no-cache
x-server: 10.45.29.29
content-length: 0
x-consent: absent

GET
H2 200 nr-1184.min.js Show response
js-agent.newrelic.com/ 27 KB
11 KB 99ms
29ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1184.min.js
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Mon, 17 Oct 2022 18:25:37 GMT
x-amz-request-id: GRC3DMXGQZ2564ZZ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 10624
x-amz-id-2: ylmu71pDt9r5oxQqejfnBGcrRMz3dxa9DtUrJc2GrwLkWdXJmJOXKjN2q0q9fFhOoC8Y+lNK2w8=
x-served-by: cache-hhn4035-HHN
last-modified: Mon, 28 Sep 2020 16:34:45 GMT
server: AmazonS3
x-timer: S1666031137.041500,VS0,VE0
etag: "3d7f312be60d08a2568e311e4762f3af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 145

GET
H/1.1 200
OK af9b922721 Show response
bam.nr-data.net/1/ 49 B
616 B 1124ms
555ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/af9b922721?a=216446863&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=3398&ck=1&ref=https://manulife.thecrown.workers.dev/&be=1352&fe=3292&dc=2600&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1666031133657,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:18,%22c%22:18,%22s%22:186,%22ce%22:365,%22rq%22:365,%22rp%22:1175,%22rpe%22:1186,%22dl%22:1178,%22di%22:2597,%22ds%22:2597,%22de%22:2649,%22dc%22:3291,%22l%22:3291,%22le%22:3302%7D,%22navigation%22:%7B%7D%7D&fp=2022&fcp=2022&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://manulife.thecrown.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 17 Oct 2022 18:25:38 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 75bb13f34c68563b-SIN

POST
H/1.1 200
OK af9b922721 Show response
bam.nr-data.net/resources/1/ 36 B
430 B 830ms
830ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/af9b922721?a=216446863&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=4529&ck=1&ref=https://manulife.thecrown.workers.dev/&st=1666031133657
Requested by: Host: manulife.thecrown.workers.dev
URL: https://manulife.thecrown.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2408419a1b1163bf72890751f03bfee9cfb9d7f8faa4ac880a5ca06a786c7bce

Request headers

Referer: https://manulife.thecrown.workers.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 17 Oct 2022 18:25:38 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://manulife.thecrown.workers.dev
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 75bb13f6cf1d563b-SIN
Content-Length: 36

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thecrown.workers.dev/	1970-01-20 08:56:47	Name: _gcl_au Value: 1.1.1945574288.1666031135
.demdex.net/	1970-01-20 11:06:23	Name: demdex Value: 02842798948331887740983987168700188387
.manulife.thecrown.workers.dev/	1969-12-31 23:59:59	Name: AMCVS_37B127E253DB11F10A490D4E%40AdobeOrg Value: 1
.manulife.thecrown.workers.dev/	1970-01-20 16:23:11	Name: _ga Value: GA1.4.180630157.1666031135
.manulife.thecrown.workers.dev/	1970-01-20 06:48:37	Name: _gid Value: GA1.4.289422665.1666031135
.everesttech.net/	1970-01-20 15:32:47	Name: everest_g_v2 Value: g_surferid~Y02eHwAAAB7rlgN-
.mgid.com/	1970-01-20 06:47:12	Name: __cf_bm Value: 7pZxbtbxu3N.r5LVJa.IrLuGKiytgR.hPPFNF_zR5Mo-1666031135-0-Aej6NMmrfwkR6q6v1+VIn9ob1d4tJ4e4W+8kil+hFcPmJh1cV2qRWWNOixs+DRkPfyApF7tUfGFReQe03Ei0eBE=
manulife.thecrown.workers.dev/	1970-01-20 08:56:47	Name: MgidSensorNVis Value: 1
manulife.thecrown.workers.dev/	1970-01-20 08:56:47	Name: MgidSensorHref Value: https://manulife.thecrown.workers.dev/
.thecrown.workers.dev/	1970-01-20 08:56:47	Name: _fbp Value: fb.2.1666031135456.1724218359
.dpm.demdex.net/	1970-01-20 11:06:23	Name: dpm Value: 02842798948331887740983987168700188387
.manulife.thecrown.workers.dev/	1970-01-20 16:23:11	Name: AMCV_37B127E253DB11F10A490D4E%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19283%7CMCMID%7C02860129431592213660985790594356925747%7CMCAAMLH-1666635935%7C6%7CMCAAMB-1666635935%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1666038335s%7CNONE%7CMCSYNCSOP%7C411-19290%7CvVersion%7C5.3.0
.adnxs.com/	1970-01-20 08:56:47	Name: uuid2 Value: 5520871624551491158
.doubleclick.net/	1970-01-20 16:08:47	Name: IDE Value: AHWqTUnFDvZy3BbKd-7a7L0yK1FGcDM_pl7yHL09l4UZJuemvWq5hFILnoDDPBeIVaA
manulife.thecrown.workers.dev/	1969-12-31 23:59:59	Name: external_id Value: https://manulife.thecrown.workers.dev/
.bing.com/	1970-01-20 16:08:47	Name: MUID Value: 2DBC9490DBF765AD22DD86D0DA86648B
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: IgKzJE5rBrs
.youtube.com/	1970-01-20 11:06:23	Name: VISITOR_INFO1_LIVE Value: Uo-krFC3djI
.thecrown.workers.dev/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.thecrown.workers.dev/	1969-12-31 23:59:59	Name: s_tp Value: 2843
.thecrown.workers.dev/	1969-12-31 23:59:59	Name: s_ppv Value: manulife.thecrown.workers.dev%2C42%2C42%2C1200%2C1%2C2
.thecrown.workers.dev/	1969-12-31 23:59:59	Name: s_cc Value: true
.demdex.net/	1970-01-20 11:06:23	Name: dextp Value: 358-1-1666031135739\|771-1-1666031135843\|1957-1-1666031135978\|58342-1-1666031136230\|73426-1-1666031136331\|121998-1-1666031136433
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 59a55b39e3d040a6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
ads.scorecardresearch.com
assets.adobedtm.com
bam.nr-data.net
c.bing.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
ib.adnxs.com
js-agent.newrelic.com
manulife.demdex.net
manulife.thecrown.workers.dev
manulifefinancial.sc.omtrdc.net
sync.crwdcntrl.net
track.rentracksw.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.youtube.com
13.36.218.177
142.250.185.130
143.204.215.58
151.101.130.137
162.247.241.14
2606:4700:1::6813:844e
2606:4700:3037::6815:512
2620:1ec:c11::200
2a00:1450:4001:802::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
2a02:26f0:3500:591::1e80
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.250.104.41
37.252.173.27
52.211.12.99
52.212.128.245
54.64.81.80
54.74.40.111
72.251.245.181
01d00d5b77dd0e38eb6f7c30e8c08a7be0a2f2019cfed47d1d0e51f5bfff1161
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
050d5ae691e3be8f8cd9459a91e96b553d6fac0fa95e4581fb5c418ddb49d2e7
06bff916cefa0e2d5595ee421e0e8652f349e85c0a14a6e6921f4368200a9629
07155360c4c291a2124e6b4f1ff19556feb57981b956d5fed9904d69644938a0
090e534f1d274d1094f453497779d3c8624839c95b45d2cb8f320b3d9134b646
0dcc97d257f5d4801d95f5608a93a24c1f2ec7268a8690798b2a5f4e9e53a818
17bb36623329a9ba17be4ab8c60d23c025dc29150a44d6c5538b4c72f9c8e6ec
1c97be647c6d0ffe950f7f885e64c6d6e221fbd9c61cba1f75bc19791dc0043c
1df89e9be8203b3c36b94347fe6d08d84449d9af531c3eb551ec8716567ffe68
2408419a1b1163bf72890751f03bfee9cfb9d7f8faa4ac880a5ca06a786c7bce
2534365fb225a3d51f0d10935cc7240a2bf9e42b2063dd8a465fc52fd88db669
253b1196689fa4c31d414993d0e5431cf5a7f1f0a5e30a2e6a99eebd2c1dc4c4
26621c9ea937a96c2c664fa0eff571e50ddc26d1070b0139a1390b618974baa1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7599ba1e84432f7f3319c7ed71b84ed24ffbb9741bea6b3ec61ec370707541
365690660f64c87ecad36962bacce3bb1f810c23697a5d0e52b6a3928ea547ac
374dbe6b75a63c8f041fef41f925bdc57e1f0808f7340950da237baec9b14ec1
396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f
4470baa551c40c1f03fc037492ca8662d3243f19b54f7904fc800e9b18ab4a48
49053a8aef210530947a865cd3dc566ed13a973006aad1324692a48cbca8c1cd
49a3265c12931e6b8cb588022d4e672bf2ac20a53bfbf3c37283da7cbb5d5a6c
4c6a70995d64eae8e0fa60c9d534bf892e2f33680e9244c341eff56fb9608d9c
4e8104c483c014909d2f3e8782ccdbed46bfa5694c85473fd45948ebb7083da9
5254ec23bbf174bee99ad0dbef921f9f7bcd5d1f1cba4f6b93ad023ce3e7b018
568d0bdcb86607b826099ea009ebf73a4f16256c5ddd75705c2e0a7ea792c145
58f3488d01cbc1580319faf0d469966e229234e0e5d47824a72ad8db0077eff9
5e92ab03190640edfb9979313426abfafbec230fab768df4ed04af7c7369346c
5ee3b3259174484d4d92f0f7183ffa718e1f11b8aac1502dc9802e6fc44ca1a0
5ee7adbe0f6bd7ee5892db2365382985f7f8630c20b9718de601a3cf06a28869
6135f41bab6df448c15af0becce481e802565d67105c638509e8d49befd7b188
63ccbd69f31ab96cfdca1abf2f10ec61a25cad7baa19a33485fcdcd3c54409d1
686a3001f326bdfca93e22cb2276e58c763e0f158e4a1ccd3027c4598e1979b3
68ae3f088395792f2d0ff86a62a222e542915b9dd92cb88a880ae69138d7c904
6997c672bf19d4b55756470340d139d08d9c136cac66c8012c433b1a34c56dd7
6d121244b899a2c185f8f441777597530f9a4d4e2fc0600fc344b34bff405d9e
6de2cb2e9827508530b860dbef61b30f2dddd88b59063368ea6a0d2258a35aa3
72bc8b905483ce7eb607415d426f7a5b40bfb6b07f1abcbb8c4c0692c5ebd273
73936dd49f66c6ae894648f18fd5e742b0c0940894c8ab5ef489847bebc75573
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
7ab43738690a4394f3e0d4999950ef6ac97520d2ae63f9ee18f25bf1fcab5da8
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c15ac396d2ce6bc33a3b4efacdbd322c9e46376599a725c6f790d8036052cab
81a7501e213a6ca29d289010c68c1af906a445ac45d515ed4c39f5a953a017ff
825b4d124129cd1bf6177276a2756274120cd0d0af028523fab206e982602a1a
8ab4c9a0a39de1c9db9381402cb084b98c3d8bfb3d881062b23f55b5a4889452
90bb4e4c5c5ab1cb14ef55c27a67b95fc47c0c499cc541d96415dff2503362e1
94343da2d0669a14e6065bdfeb861bc1327303a14d9c29bbbde2dbef126dc3b7
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
99fc68142815ce8a705285672571f5c689ce4f67c4fb7bb94938e433372db49a
a409d59346a1b3f0fb3e7c6aa7c983d4118364d4b57dfd3a37e9c4f870aaa18d
a46c212fbcf18e685389984b94d4b17c2c95820ae13f375690b6b63ceb440908
a4d4376ed96154511707200f76a6cd524abc389aa11407e82867f0c1bd07d20e
a61ad4c30cefc78d47836b905658f057e2db58b36f5d287b0e863d8deb764d69
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab03c2db688fa8369d90631f16c3ed9971bd133ac9395feed53d6ce3b1724585
ab6fd0a7d868e8ed3ddb6fb8acc35659a857f070acda0d504ff0f2e41173e7f4
af02dc9e4df3d3bb90f2ea91bb46a0ef709f0c8a00110e26750fd43c01254dff
afb565bd3ab9d35050ad68dc0b0c0982e9978a4a135bafaf7e4a8d733a348c32
b3c3341af33ae17a2624a98d7104dfa22c5a684ee256445501b3e331291a02de
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
c4165cf9e810d4c0bdb3af043f6f4f48cee75af21438f075d2c873592ed2f2e5
c93aeb353f1449ca43fca9fc1f86cc24b0642d163cac57ebc90868bf7ae417a7
cb94b07ae871b0a4bc60ff722cc43f0cf328ad7d9805d7ba41a7edb3e0dda478
cc55d554e9b60306e9048b578e324c3298a28515fc5f9c3f51b75ce7bf9f368a
cfc183a3b8afd5ba661c8f21b7dc87b22b2b7b6266b10a238334777964d9efcf
d705be584b93839b6ce0a090772dee0c358d0c4fda219b761724d96ead024c02
d8a75d918ddd574026d721058790dd07fc7424ad500e3d9f5be856e921be08f1
dc1dc7caefe258932c393dd881083efceaa913fb10ca460ed38e8de3a4ab3cfc
df95c359e3559c219087fcb7d390b577cbd6577c0338d18644bd275149c62a86
e1cbfc17a5381bba66a543b0f1663062f6ea31d110310af5333876c7036ad6dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e529ff3cc48e454e62091b78b2a7a9faf2c71d9a7fc68f112ce643b1236908ab
e7278c7f6f16ccc29a8563676999e7aac06001d420f4df4d7d4e695e293a9c2f
eb1688d5d5f4bce59a2448411dfa2ff37b87f45b48921453bd52cb4e7846909b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f236267e08c3eb3c1bc4786dc0815ad36f503600cbfb50a95c0824b2dd971f14
f353dbff2d36745685d0a144e990ce577f3dd5734bbf4d19bfdece5b956cf308
f54c3a5c62c4a2f95d868125b0da05b9919e800dfeb84497b3010322fafb24c0
f6558520c219c3064173e30056121aeb6f1dcee1c74ceb666c8204791b373cf3
f89638c921a206b987a3308834cf875295ec07d123a2328872c7583855052ea7
f906edf515d5bece441fb103b86810818728d7220f9ffa4b64027fab22812ce4
fab4f46650dc8899bf18ab73f28d41d7b7094be66c8dbd8d78020a7aec47f5e5
fde05be6a80b0cc628454e88f371f34891cb4ba1f70bd357c1bb105df53fa34f

manulife.thecrown.workers.dev Open in urlscan Pro 2606:4700:3037::6815:512 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

94 %HTTPS

48 %IPv6

22 Domains

23 Subdomains

17 IPs

6 Countries

3976 kBTransfer

6538 kBSize

25 Cookies

8 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

manulife.thecrown.workers.dev Open in urlscan Pro
2606:4700:3037::6815:512 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

94 %
HTTPS

48 %
IPv6

22
Domains

23
Subdomains

17
IPs

6
Countries

3976 kB
Transfer

6538 kB
Size

25
Cookies

96 HTTP transactions
0 data transactions