urlscan.io logo urlscan.io
SecurityTrails logo

manulife.everythingcard.ca Open in urlscan Pro
172.67.73.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://manulife.everythingcard.ca/
Effective URL: https://manulife.everythingcard.ca/welcome/code
Submission: On October 15 via manual from HK — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 1 countries across 10 domains to perform 44 HTTP transactions. The main IP is 172.67.73.12, located in United States and belongs to CLOUDFLARENET, US. The main domain is manulife.everythingcard.ca.
TLS certificate: Issued by WE1 on September 14th 2024. Valid for: 3 months.
This is the only time manulife.everythingcard.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 172.67.73.12 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2a04:4e42::485 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 172.67.209.71 13335 (CLOUDFLAR...)
44 12
16    172.67.73.12 (United States)

ASN13335 (CLOUDFLARENET, US)
manulife.everythingcard.ca
1    2606:4700::6812:1fea (United States)

ASN13335 (CLOUDFLARENET, US)
app.termly.io
4    2607:f8b0:400d:c0c::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
ajax.googleapis.com
6    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2607:f8b0:400d:c0b::93 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.com
4    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:3031::ac43:d36b (United States)

ASN13335 (CLOUDFLARENET, US)
fraud.esiance.com
1    2607:f8b0:400d:c0f::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2607:f8b0:4004:c09::64 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2607:f8b0:400d:c0b::6a (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    172.67.209.71 (United States)

ASN13335 (CLOUDFLARENET, US)
fraud.cardswap.ca
Apex Domain
Subdomains		 Transfer
16 everythingcard.ca
manulife.everythingcard.ca
4 MB
6 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
124 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
317 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
76 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 412
153 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
23 KB
1 cardswap.ca
fraud.cardswap.ca
815 B
1 esiance.com
fraud.esiance.com
3 KB
1 termly.io
app.termly.io — Cisco Umbrella Rank: 14616
158 KB
44 10
Domain Requested by
16 manulife.everythingcard.ca 1 redirects manulife.everythingcard.ca
6 cdnjs.cloudflare.com manulife.everythingcard.ca
cdnjs.cloudflare.com
fraud.esiance.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdn.jsdelivr.net manulife.everythingcard.ca
4 www.google.com manulife.everythingcard.ca
www.gstatic.com
3 www.google-analytics.com manulife.everythingcard.ca
www.google-analytics.com
3 fonts.googleapis.com manulife.everythingcard.ca
1 fraud.cardswap.ca fraud.esiance.com
1 www.gstatic.com www.google.com
1 fraud.esiance.com manulife.everythingcard.ca
1 ajax.googleapis.com manulife.everythingcard.ca
1 app.termly.io manulife.everythingcard.ca
44 12

This site contains links to these domains. Also see Links.

Domain
www.everythingcard.ca
Subject Issuer Validity Valid
everythingcard.ca
WE1		 2024-09-14 -
2024-12-13		 3 months crt.sh
app.termly.io
Sectigo RSA Domain Validation Secure Server CA		 2024-05-28 -
2025-06-28		 a year crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
www.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
esiance.com
WE1		 2024-10-12 -
2025-01-10		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
cardswap.ca
WE1		 2024-09-23 -
2024-12-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://manulife.everythingcard.ca/welcome/code
Frame ID: 4A542052D778E934B70696F0F02174D4
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcujKsnAAAAAP8wCkPIOUUcLe6g4wGp_FvyOe2f&co=aHR0cHM6Ly9tYW51bGlmZS5ldmVyeXRoaW5nY2FyZC5jYTo0NDM.&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=ks968epy6s3j
Frame ID: 34C26567DC1E75672FC1EFBBC4568241
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le07woUAAAAAHwx_Ff8P-SMEXn6Ah2wkCvv4Nz-&co=aHR0cHM6Ly9tYW51bGlmZS5ldmVyeXRoaW5nY2FyZC5jYTo0NDM.&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=normal&cb=k6ggzgg32dmi
Frame ID: BD52756D2DDCA5CA8568E443C1348B2B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6Le07woUAAAAAHwx_Ff8P-SMEXn6Ah2wkCvv4Nz-
Frame ID: 210F3B0201CFA54F5D988EF5FA0D3AA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EverythingCard

Page URL History Show full URLs

  1. http://manulife.everythingcard.ca/ HTTP 307
    https://manulife.everythingcard.ca/ HTTP 302
    https://manulife.everythingcard.ca/welcome/code Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

12
Subdomains

12
IPs

1
Countries

5270 kB
Transfer

7340 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://manulife.everythingcard.ca/ HTTP 307
    https://manulife.everythingcard.ca/ HTTP 302
    https://manulife.everythingcard.ca/welcome/code Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request code
manulife.everythingcard.ca/welcome/
Redirect Chain
  • http://manulife.everythingcard.ca/
  • https://manulife.everythingcard.ca/
  • https://manulife.everythingcard.ca/welcome/code
53 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d70963e6f859882a067652d9f0abc6a7cc0ad58c70c1f8bd9d8c4c123be1e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d2e8b641ac142ce-EWR
content-encoding
gzip
content-length
11408
content-type
text/html; charset=UTF-8
date
Tue, 15 Oct 2024 08:47:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46588%2BkyZ7QVKd3dQV0jEvmOgUI0C5PmdWUThtuRpO%2BKrVCjx0KNqMUMvKXMacXnanewLWRS9h5jtzwgPll%2BCvksql6RFK8sJJffvLWuJnbqfIbaegDtqyD6Q4ppUEmztSsEfc2cm26uMSwZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d2e8b6249d242ce-EWR
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 15 Oct 2024 08:47:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
/welcome/code
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2tjeyv%2BOCOByWVWB%2FuYZgSzEQObChqsZ5hbL2qNnihoqkNLeESu6SY9LvZAWGy96aQY9G%2B%2Fzw8ndHwDQ8QKRGhAfXk3chH4VaGv7PK9Hdfo71oBq%2FJiu4KdOfsfup0BLAsutI3%2Bc3VkU9QX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block
8b731d86-7181-41ab-9405-fb1844f57a9a
app.termly.io/resource-blocker/ 		502 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.termly.io/resource-blocker/8b731d86-7181-41ab-9405-fb1844f57a9a?autoBlock=on
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6571ac0ed89251521aa6ddf8377e408e962dfaa5704ca900387c7c1cfdef9021

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

cache-control
max-age=14400, public
content-encoding
br
etag
W/"details::b736b4b858424a71865b6d860e895f9b||embed::6709981a-7b8cb"
cf-ray
8d2e8b68dddd437f-EWR
alt-svc
h3=":443"; ma=86400
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/ 		468 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;700&family=Raleway:wght@100;200;300;400;600&family=Roboto:wght@100;300;400;700&display=swap
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de584eaa64f2e5e0aea9e816fa1468f5d97b88131ea8dfdd1578832124df6f52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 08:47:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 15 Oct 2024 08:47:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		820 B
453 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Baskervville:ital@1&display=swap
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57061c5be2221c59e6122a7ede5f8d614e728b08765a0c3618f40c879b4a08b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 08:47:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 15 Oct 2024 08:47:28 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		5 KB
723 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Tajawal:wght@300;400;500;700&display=swap
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a06502cfdf4f8e4208b1b9a33bc8643e3f80cf41df0e96582106d97487629fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 08:47:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 15 Oct 2024 07:12:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"613fa20b-28de"
age
392685
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnmxx3FIXbcem648qt3LPGWxJjWEJQYCDe%2FD9tYkiJDSKxQO%2BmU1okQKCPcwMlsJbXl5UWtXhKTFBfx0oxy7qyulEyRIRdtMiXslbUANyVXA%2FYNnO6dhH3Lq8QJHzOaWPnBB5h2TL45lRluDq0ubCXzM"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 08:47:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d2e8b683ead0fa4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
10462
server
cloudflare
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcujKsnAAAAAP8wCkPIOUUcLe6g4wGp_FvyOe2f&onload=onReCaptchaLoad
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0b::93 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa6cb7e9295f0e275ed9071876c22c6132870233c63fd7a1801d4b6bf4ace447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 08:47:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Tue, 15 Oct 2024 08:47:28 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
gzip
age
480797
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 19:14:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 19:14:11 GMT
last-modified
Fri, 08 May 2020 07:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31021
x-xss-protection
0
server
sffe
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://manulife.everythingcard.ca/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
age
1794963
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220021-FRA, cache-ewr-kewr1740054-EWR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
7198
x-jsd-version
1.16.1
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 		62 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://manulife.everythingcard.ca/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
age
1816046
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230140-FRA, cache-ewr-kewr1740054-EWR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
14220
x-jsd-version
4.6.0
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 		158 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://manulife.everythingcard.ca/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
age
3037501
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220126-FRA, cache-ewr-kewr1740054-EWR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
26291
x-jsd-version
4.6.0
coreui.min.css
cdn.jsdelivr.net/npm/@coreui/coreui@4.2.4/dist/css/ 		235 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@coreui/coreui@4.2.4/dist/css/coreui.min.css
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b45cb5577596e44e85a8a8aedf00fbe40432ad5b9000d1ea223cbee6753ae600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://manulife.everythingcard.ca/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"3ad2f-7/coZ1gPp7EoRI7mnJzFL/v5RPk"
age
2135712
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220080-FRA, cache-ewr-kewr1740054-EWR
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
29395
x-jsd-version
4.2.4
coreui.css
manulife.everythingcard.ca/css/ 		356 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://manulife.everythingcard.ca/css/coreui.css
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e5a40765e640bfcf81d24169a264bfa94933349cc407dca15b686ec979a76c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"58eb2-5facc3f30fa00-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTGdbigJv2m%2BJdlTkojIWrZxeqNjmRUVJp0r4dIcnoUbWIp9JtvZkb3%2FajeMRqXs3QHGjdy1O61KO4cmYaEreWppmUd6vzCrBpTQ3%2Bsqkgt5kCLV2oMVmTFxmhv2wREWYJLhilOMZ0Hqbazh"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css
last-modified
Wed, 03 May 2023 16:07:04 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b67ccea42ce-EWR
accept-ranges
bytes
content-length
44831
x-xss-protection
1; mode=block
server
cloudflare
handlebars.min.js
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.11/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.11/handlebars.min.js
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f89307b17472793b30b3fb736c887960743145d282b8d8e6bcd71316d63a0cb7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e72-12630"
age
468378
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTm%2Bw%2BktjBY5Oxd%2F3MjWTfwui2GhT8iy9%2BGvqogK45tx61eS%2B7CMCa7%2F2qOLejK9LCF%2FYf52nIAgw0h5L1j7r8SK642wwktT2hG%2Bsgeo1r92opBuDNSzj7zZxzPfKefgerXKEdcLZ%2BBlzeirtEOIcjeh"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 08:47:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d2e8b683eb00fa4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
18628
server
cloudflare
app_utility.js
manulife.everythingcard.ca/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://manulife.everythingcard.ca/js/app_utility.js
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae38c06e2a19ee092ac6009ff76cf064b4cf5e72e996cfc3df6f4a42bb7bc6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"37ab-573025f352300-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Em8ElCoVJ6KFNW43nxiL%2Fc8jQT9ciZ7sXaA0PMWNj%2Fv%2FlHRfFoSjNwG5xFNSrn%2F1B9P6bHtemUY5MFO%2Bua%2Fz%2FZ6Vv9KXAW9FOoW%2BYDGsO6eC1Auli4oeMql8JJqhlHK4ZPspl7LiqKX%2BQXlA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/javascript
last-modified
Thu, 09 Aug 2018 15:35:08 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b67dcf442ce-EWR
accept-ranges
bytes
content-length
3977
x-xss-protection
1; mode=block
server
cloudflare
ie_unsupported.js
manulife.everythingcard.ca/js/ 		562 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://manulife.everythingcard.ca/js/ie_unsupported.js
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5462ecdbdafad12a2548c271302f89f3473587e1239dcbd661309f4c2482d99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"232-5593b34b87680-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1%2BzYctfBBWlBgrCRXadiwSeyibWpsl5lx0LeR7TuBQ0SM3zPMqG9UIGx5YFdErOJp7eJOm%2FBPRDsvZWIZ5b0TsMGXD26I%2FqTXqM502TOBaHDmyBy7J0%2B45lyyEMTCwj7RT6BYcSQOUpSw%2Bk"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/javascript
last-modified
Fri, 15 Sep 2017 14:28:26 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b67dcf542ce-EWR
accept-ranges
bytes
content-length
353
x-xss-protection
1; mode=block
server
cloudflare
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/ 		57 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03d2a-e311"
age
572085
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CF4ZAK2cBdQLZdAsysZocV0kehlVqz333TNM4HNA4RzT1etoABSuYUrpHMJL6sGPptAFcQ%2F1bIDiH0IyfqY%2BYVNbaDkX7M1b38%2F9P3t0w%2FColPxAgts5%2FlqjXYybt5wAlNXNZm3B69Iacj5mhnr8Jf8h"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 08:47:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:04:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d2e8b683eb10fa4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3511
server
cloudflare
app_default.css
manulife.everythingcard.ca/css/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://manulife.everythingcard.ca/css/app_default.css
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e41d42c4b7e94ea5d21c87e1711bb9a8ee4834899afe8b849de8c4dd9c5d121a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"2f45-5cc1e082ff880-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L2yagMgxcJMj1gpcDbObEqzEC9mlsrs56g%2BA2pHtPHR5%2ByzWlC83xpOmI5s%2BpayLwVIA44CxJtopL7H45amFsjAFY6vyRuYn%2FR8w8nJHBVgVpix%2BiPQBpvQ2R%2BJBIDoiyiuL1HCGDmOoF53o"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css
last-modified
Thu, 16 Sep 2021 14:57:22 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b67cceb42ce-EWR
accept-ranges
bytes
content-length
1911
x-xss-protection
1; mode=block
server
cloudflare
pulse.css
manulife.everythingcard.ca/css/ 		4 KB
871 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://manulife.everythingcard.ca/css/pulse.css?v=5
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c603761a5772e41801cb385593ba1e321cd372ff24ce836816701fb982a60d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"ec3-5af975aeda700-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZmOfaptsRqHU7En9iK0YdjxAUkCy%2BQsaeEmyEs8kPydc6BGw7HZHTe9erVYlWITdzs3duzA8glQi6qRTwJ9r4W04FrJrzXtAlKIR6N07aU11WAZllAMfSixLubkbReNSKHSyLV3IUW%2Bd00CP"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/css
last-modified
Fri, 18 Sep 2020 14:31:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b67ccec42ce-EWR
accept-ranges
bytes
content-length
543
x-xss-protection
1; mode=block
server
cloudflare
surface4.png
manulife.everythingcard.ca/img/v3/envelope/ 		924 KB
925 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.everythingcard.ca/img/v3/envelope/surface4.png
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35da7cfc9ae9ec3a61683ebfb77e4958ee42783d997dbfd6cee8decae5407f49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"e6e6a-5ef1688ae5a40"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ny5CIV39WSUzVTVqivNTZofKAGXdSsqG1o8wm4hHlsTRZXMQO4Ks%2BIltv8yZYLGMgMi6icR%2FebPcle24avyj79puRkZGvJEz%2FDOau8IU7Hk%2BN4jTwoMtqnV3aURSVkTvtLxtbxjV7aZbRJ1E"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
image/png
last-modified
Mon, 05 Dec 2022 15:42:25 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b67dcf642ce-EWR
accept-ranges
bytes
content-length
945770
x-xss-protection
1; mode=block
server
cloudflare
box-circles-box.png
manulife.everythingcard.ca/img/v3/envelope/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.everythingcard.ca/img/v3/envelope/box-circles-box.png
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd0c92535d0b508df767448419a9ddbb4069d7f33b4900030fe20b6470478ee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"303344-5cbfb7729a100"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1q0%2Bur1U%2BWU1%2BwkMnrzejKID891AUs8lB82Kjph6RILO5Kk%2Bo4jELaQ63QF3blKefRjTqnHCRbSCik5%2FT1fRLsS%2FN%2Fo0RPjV8%2FB4KsVNpPWBvZ4rNIfspZaEgW3eISOnOzmeZZq07F90k%2FMC"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
image/png
last-modified
Tue, 14 Sep 2021 21:43:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b67dcf842ce-EWR
accept-ranges
bytes
content-length
3158852
x-xss-protection
1; mode=block
server
cloudflare
ribbon-v2.png
manulife.everythingcard.ca/img/v3/envelope/ 		230 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.everythingcard.ca/img/v3/envelope/ribbon-v2.png
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a91c2bbb40f36455b4cdcf6c517a578265d66412931e107fa0ce59b4c858a610
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"39935-5cf8118c75240"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmSeXyXPtdW7CJfb29UDEoC0N%2BnLeEIIifzanlERAtOhrRWSSKcn3DgKjg1N5f73UsrQ0mPoFWAX81X1bLuUpUqV6it04kxtdxwRhqq7kyciToaC6fOsVqTan0gHpVSD8QIzHemVAxrEXa3V"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
image/png
last-modified
Fri, 29 Oct 2021 17:24:17 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b69dde942ce-EWR
accept-ranges
bytes
content-length
235829
x-xss-protection
1; mode=block
server
cloudflare
box-top-shadow.png
manulife.everythingcard.ca/img/v3/envelope/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.everythingcard.ca/img/v3/envelope/box-top-shadow.png
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1b45a4778c10e149aec57c11eb69455f9afcb173324db6d0bffce2cb90ad04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"2826-5cf8117e27080"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BdXj8lLZn79ti0jbs5u%2FVhw%2BcQ1tvJmTWjdLyPp4msKVOR1HBvhZ%2BLHm2mEvJROjdX3Eah4TVmgKbV%2BC6N8avTJHPD32vKmJSRQkAYQNZFLKdyj1w6LxEG7C7B%2FdU3rQ2at9S2pWFVQPq3RD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
image/png
last-modified
Fri, 29 Oct 2021 17:24:02 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b6ade5d42ce-EWR
accept-ranges
bytes
content-length
10278
x-xss-protection
1; mode=block
server
cloudflare
envelope-front.png
manulife.everythingcard.ca/img/v3/envelope/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.everythingcard.ca/img/v3/envelope/envelope-front.png
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b19a9d768257b7e0d0390a107551e382335096cc1f9bf27b0f18b1618e5add8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"bab1-5ef16a7bc2e80"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hqtYAUX%2F52Kv4uRgj1T3v2fME4hv%2B3oXDL2aiL7ypjqhcIP2UpC6lWgKeBtHiQ7Zy1uui0C7rNGXZmKlHt7gNCc7WGMlSskC8YxzzaoppnMbx0Edvh4BzqqVKbJBH%2BmaFJpkVjWDSZp1ZGzp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
image/png
last-modified
Mon, 05 Dec 2022 15:51:06 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b6b2e7642ce-EWR
accept-ranges
bytes
content-length
47793
x-xss-protection
1; mode=block
server
cloudflare
logo_500.png
manulife.everythingcard.ca/img/client/17069-06904-f7e4-d52c/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.everythingcard.ca/img/client/17069-06904-f7e4-d52c/logo_500.png?v=1706907136
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77afdc0cf1c74e8fd5b8d1216bb3fb391e522a39ebdafb67bf5923e1d48f622b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"6248-6106c498ef702"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WiocqvWWfhFjABFE3bZV4kZ462pojgphwg9clnY3mnHf2veTjxxhLaYRmk2o2bwFCiVjm6OKqZ51Dl%2Ftlbul91u%2Bj1E8zFZ1xn5EFclthih%2FrufrgktsObSSOHZ2CDrbAeOS3Qnf8%2FwKW6B8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:29 GMT
content-type
image/png
last-modified
Fri, 02 Feb 2024 20:52:16 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b6b2e7742ce-EWR
accept-ranges
bytes
content-length
25160
x-xss-protection
1; mode=block
server
cloudflare
box-circles-shadow3.png
manulife.everythingcard.ca/img/v3/envelope/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.everythingcard.ca/img/v3/envelope/box-circles-shadow3.png
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28583af72937cdf235eea726e1524b6e4f3c20d35cadbfc5fc3c6e748c0a252e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"37a7-5cf8117d32e40"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USUT0%2BXXQ8wM1p1MfTydFHN8xBY79%2F%2BjpTxLKibqYYMKxDxSBeYi1qcxT4EGXkHPVsa6AQEu9TW6kT7YgUe%2FVAezc%2BCQpEMDhvzs%2BMTRZ%2FQ%2FNZ%2BldNi6k%2BXPY807l6cbJhstgfVxfQRHcP76"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:29 GMT
content-type
image/png
last-modified
Fri, 29 Oct 2021 17:24:01 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b6b2e7842ce-EWR
accept-ranges
bytes
content-length
14247
x-xss-protection
1; mode=block
server
cloudflare
ec-logo-black-300.png
manulife.everythingcard.ca/img/ec/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.everythingcard.ca/img/ec/ec-logo-black-300.png
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33d02ae994107182c418a4c2a4fb23dd4913480d88d85d31942053b7f95d7e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"14a3-59f69b190e9c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPQwTJflPwn%2B2NZiRHxUsyUK%2BaYqKOuzn8DB5pCJx9uXC9eSqjiIak2FoFmS3K3jGKjqq6tVEViK8nkKRKa6Vuf5omzc9npVkyeFxIEG4AD6SeoAHgHj1z5oKup3E7CMRJirlnseFqRs5DQJ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:30 GMT
content-type
image/png
last-modified
Tue, 25 Feb 2020 17:19:43 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b6b2e7942ce-EWR
accept-ranges
bytes
content-length
5283
x-xss-protection
1; mode=block
server
cloudflare
tracker
fraud.esiance.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fraud.esiance.com/tracker?c=15311-68654-a2cc-ff1e&s=bjlloh8unq3bv8ssgintmssaks&u=&b=&r=
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f480e46ec793d15c5c47f773bcc433e49e092d3733641d6901de067af13ff10c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bHTiqLQUcr5w7VVZIGHpHsImGUCZUYO%2F58JM%2F%2FgBlarCwLAAfl9yfT8%2BIVZDF%2FdEC9kCMjvyXh0MxqXCMg8kKPPJ4NyisG0QwTS29xWmU5i1IIMwG4LerObwhQAWt0gaNTBw3FZ%2B8XPlknF0%2Bx5ZwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
speculation-rules
"/cdn-cgi/speculation"
cf-ray
8d2e8b6bfa53447a-EWR
server
cloudflare
recaptcha__en.js
www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/ 		546 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcujKsnAAAAAP8wCkPIOUUcLe6g4wGp_FvyOe2f&onload=onReCaptchaLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
gzip
age
438448
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 07:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 07:00:00 GMT
last-modified
Mon, 07 Oct 2024 04:02:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220951
x-xss-protection
0
server
sffe
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: manulife.everythingcard.ca
URL: https://manulife.everythingcard.ca/welcome/code
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
gzip
age
623
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 10:37:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 08:37:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"613fa20b-131bc"
age
464552
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kf6x%2BxEQ8fh8FbupSQqVmhic%2B4HnBW%2FSIqT%2BQKoOVbO%2FNewRVFTEjqm0vZfWuIrkBKEcBgjb6mzx9oC1EJOe7FBrc1%2B7nBVFoaiGnSHAIwNwPiz6E3Hgd233bVryYwvgZ6vD9oLPB29%2Bp%2B1f0FG2%2BngV"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 08:47:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d2e8b6bb88c41ef-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
78268
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;700&family=Raleway:wght@100;200;300;400;600&family=Roboto:wght@100;300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://fonts.googleapis.com/

Response headers

age
571431
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 18:03:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 18:03:37 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
br
age
432
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 15 Oct 2024 09:40:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 08:40:16 GMT
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1129
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/ 		3 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=925058124&t=pageview&_s=1&dl=https%3A%2F%2Fmanulife.everythingcard.ca%2Fwelcome%2Fcode&ul=en-us&de=UTF-8&dt=EverythingCard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIJAAAAACAAI~&jid=988310931&gjid=693342281&cid=1606123248.1728982049&tid=XXXXXXXXXXXXXXXXXXX&_gid=1319229392.1728982049&_r=1&_slc=1&z=1806907489
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://manulife.everythingcard.ca/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 08:47:28 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://manulife.everythingcard.ca
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
anchor
www.google.com/recaptcha/api2/ Frame 34C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcujKsnAAAAAP8wCkPIOUUcLe6g4wGp_FvyOe2f&co=aHR0cHM6Ly9tYW51bGlmZS5ldmVyeXRoaW5nY2FyZC5jYTo0NDM.&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=invisible&cb=ks968epy6s3j
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::6a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V8aBC8_v-f1UqdY1juaclA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://manulife.everythingcard.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-V8aBC8_v-f1UqdY1juaclA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Oct 2024 08:47:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame BD52 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le07woUAAAAAHwx_Ff8P-SMEXn6Ah2wkCvv4Nz-&co=aHR0cHM6Ly9tYW51bGlmZS5ldmVyeXRoaW5nY2FyZC5jYTo0NDM.&hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&size=normal&cb=k6ggzgg32dmi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::6a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0VaKilMQ74ajIoA6-28nhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://manulife.everythingcard.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0VaKilMQ74ajIoA6-28nhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Oct 2024 08:47:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
fingerprint2.min.js
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.1/fingerprint2.min.js
Requested by
Host: fraud.esiance.com
URL: https://fraud.esiance.com/tracker?c=15311-68654-a2cc-ff1e&s=bjlloh8unq3bv8ssgintmssaks&u=&b=&r=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5c-8648"
age
465167
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BLEWKV%2B0mCa5eNbLyhJcFMqbnNuRFoynHfTX23MgoF3inl6kdyTtcPJKFS%2FGNb6JmtKALyrIPqXcuKmbGleUwlkRscwf2iq2JE80LRZ%2FQ7bgfI2TILb9klTVb1g0nbl%2B51C7udK1FvuJF%2BwqCa89ZEl"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 08:47:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:04 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d2e8b6d48d00fa4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
9015
server
cloudflare
jstz.min.js
cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.6/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.6/jstz.min.js
Requested by
Host: fraud.esiance.com
URL: https://fraud.esiance.com/tracker?c=15311-68654-a2cc-ff1e&s=bjlloh8unq3bv8ssgintmssaks&u=&b=&r=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ece-2f2c"
age
18624372
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQcK8hUDF9vS536xFiQU9s53B9LVklydsboL715D7r5fGMG6IAsRwix423JmTrwPM2Fp%2BlUvRwBvHQ3dc6alEWq8qvJ6LX2DEijQ72Tv0PWDcKik3JmnoGzVeA2ggwJhhM2fMTXS2TRZ33kR7WETjjeO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 05 Oct 2025 08:47:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 08:47:28 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d2e8b6d48d20fa4-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
3385
server
cloudflare
beacon
fraud.cardswap.ca/tracker/ 		244 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fraud.cardswap.ca/tracker/beacon
Requested by
Host: fraud.esiance.com
URL: https://fraud.esiance.com/tracker?c=15311-68654-a2cc-ff1e&s=bjlloh8unq3bv8ssgintmssaks&u=&b=&r=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
173d8b213c2c4f56a41c78e553da0e96fb7f1e470462dbc7c6c1ba2c2b5534fe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://manulife.everythingcard.ca/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFp3h6Sbq3Tw4GNQLcLsZVkNJ2Mn3yXxyQqQeNInf1K9WVQbZVP3n%2F2V5Oje1NhOhNs3yG49K%2BfQYyTfQr21DvOETyUOhtXoMU%2BD%2FAhPCa0pcVZfjbATKnj9ahjKLURAmc6yDw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 08:47:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8d2e8b6e8d391760-EWR
access-control-allow-origin
*
server
cloudflare
bframe
www.google.com/recaptcha/api2/ Frame 210F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=aR-zv8WjtWx4lAw-tRCA-zca&k=6Le07woUAAAAAHwx_Ff8P-SMEXn6Ah2wkCvv4Nz-
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/aR-zv8WjtWx4lAw-tRCA-zca/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::6a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mGczo9Y61Cn6lHFDHFkI1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://manulife.everythingcard.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mGczo9Y61Cn6lHFDHFkI1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Oct 2024 08:47:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.png
manulife.everythingcard.ca/img/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://manulife.everythingcard.ca/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb196ab66e9861403332f2bbbcbb3ac469dcae3fac79a33e002348fda9a78cf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://manulife.everythingcard.ca/welcome/code

Response headers

cf-cache-status
REVALIDATED
etag
"862-5c10b19d8e880"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GW7z%2FUJjn%2Fv0cl6K8uMCBwL9blJQgoNCWc%2FkazJ9y95f8Vn03%2Fsri%2FeRLMvEXq27AbHOi4z2%2FqVS09LnBGLmp0C5LhOI5xsNAMiWoDxjFNcomGnwvVMIDyYA1wzoZZQz9G1rLKHa%2Fd%2FMGNMT"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
date
Tue, 15 Oct 2024 08:47:30 GMT
content-type
image/png
last-modified
Wed, 28 Apr 2021 16:45:06 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d2e8b77de2a42ce-EWR
accept-ranges
bytes
content-length
2146
x-xss-protection
1; mode=block
server
cloudflare
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;700&family=Raleway:wght@100;200;300;400;600&family=Roboto:wght@100;300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://fonts.googleapis.com/

Response headers

age
587681
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 13:32:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 13:32:51 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;700&family=Raleway:wght@100;200;300;400;600&family=Roboto:wght@100;300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://fonts.googleapis.com/

Response headers

age
12637
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 05:16:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 05:16:55 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+JP:wght@100;300;400;700&family=Raleway:wght@100;200;300;400;600&family=Roboto:wght@100;300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://manulife.everythingcard.ca
Referer
https://fonts.googleapis.com/

Response headers

age
2879
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 07:59:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 07:59:33 GMT
last-modified
Wed, 01 May 2024 20:31:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48336
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| TERMLY_CUSTOM_BLOCKING_MAP object| webpackChunk_termly_web_resource_blocker boolean| TERMLY_RESOURCE_BLOCKER_LOADED object| Termly object| dataLayer object| __REACT_INTL_CONTEXT__ function| trackerCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| Popper object| bootstrap object| Handlebars function| handleEnterKeys function| preventSubmit function| createRequestString function| getCheckedRadioValue function| collectCheckboxValues function| empty function| findPosX function| findPosY function| numberFormat function| nl2br function| replaceContentWithFade function| fadeNodeOut function| fadeNodeIn function| wipeNodeIn function| wipeNodeOut function| renderDate function| renderTechnicalDate function| renderMediumDate function| renderLongDate function| emailCheck function| rawurlencode function| mchPrepare function| roundToDecimal function| getInternetExplorerVersion string| GoogleAnalyticsObject function| ga function| revealQuestions number| allowpremiumcodes function| startAnimations function| continueToCode function| submitReady function| closeIntroAndGetCode function| closePopoversAndGetCode function| submitDemoGetCode function| closePopovers function| submitAjax object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_984167 object| _cs_gateway_cfg object| jstz function| Fingerprint2

5 Cookies

Domain/Path Name / Value
manulife.everythingcard.ca/ Name: PHPSESSID
Value: bjlloh8unq3bv8ssgintmssaks
.everythingcard.ca/ Name: _ga
Value: GA1.2.1606123248.1728982049
.everythingcard.ca/ Name: _gid
Value: GA1.2.1319229392.1728982049
.everythingcard.ca/ Name: _gat
Value: 1
manulife.everythingcard.ca/ Name: _fc
Value: 7b083fa909c77c921b3f7ddd8065d4d9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.termly.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
fraud.cardswap.ca
fraud.esiance.com
manulife.everythingcard.ca
www.google-analytics.com
www.google.com
www.gstatic.com
172.67.209.71
172.67.73.12
2606:4700:3031::ac43:d36b
2606:4700::6811:180e
2606:4700::6812:1fea
2607:f8b0:4004:c09::64
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0b::6a
2607:f8b0:400d:c0b::93
2607:f8b0:400d:c0c::5f
2607:f8b0:400d:c0f::5e
2a04:4e42::485
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
173d8b213c2c4f56a41c78e553da0e96fb7f1e470462dbc7c6c1ba2c2b5534fe
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
28583af72937cdf235eea726e1524b6e4f3c20d35cadbfc5fc3c6e748c0a252e
35da7cfc9ae9ec3a61683ebfb77e4958ee42783d997dbfd6cee8decae5407f49
3a06502cfdf4f8e4208b1b9a33bc8643e3f80cf41df0e96582106d97487629fa
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
57061c5be2221c59e6122a7ede5f8d614e728b08765a0c3618f40c879b4a08b9
5f75bfbfbf0c7cac2c87d6ca5de0661aedc188b0900b6cef5efbaea134b53302
6571ac0ed89251521aa6ddf8377e408e962dfaa5704ca900387c7c1cfdef9021
77afdc0cf1c74e8fd5b8d1216bb3fb391e522a39ebdafb67bf5923e1d48f622b
7bd0c92535d0b508df767448419a9ddbb4069d7f33b4900030fe20b6470478ee
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c603761a5772e41801cb385593ba1e321cd372ff24ce836816701fb982a60d7
973c41770723e02cb80d35336660171f74e31602a63f52fc22165190e94b0a7c
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a91c2bbb40f36455b4cdcf6c517a578265d66412931e107fa0ce59b4c858a610
af1b45a4778c10e149aec57c11eb69455f9afcb173324db6d0bffce2cb90ad04
b19a9d768257b7e0d0390a107551e382335096cc1f9bf27b0f18b1618e5add8d
b45cb5577596e44e85a8a8aedf00fbe40432ad5b9000d1ea223cbee6753ae600
bae38c06e2a19ee092ac6009ff76cf064b4cf5e72e996cfc3df6f4a42bb7bc6d
c0d70963e6f859882a067652d9f0abc6a7cc0ad58c70c1f8bd9d8c4c123be1e7
c5462ecdbdafad12a2548c271302f89f3473587e1239dcbd661309f4c2482d99
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de584eaa64f2e5e0aea9e816fa1468f5d97b88131ea8dfdd1578832124df6f52
e33d02ae994107182c418a4c2a4fb23dd4913480d88d85d31942053b7f95d7e7
e41d42c4b7e94ea5d21c87e1711bb9a8ee4834899afe8b849de8c4dd9c5d121a
ebcb35563ab0d4a54fd83891e6e3629594237feb45e88ad023d3e329363cf273
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
f2e5a40765e640bfcf81d24169a264bfa94933349cc407dca15b686ec979a76c
f480e46ec793d15c5c47f773bcc433e49e092d3733641d6901de067af13ff10c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f89307b17472793b30b3fb736c887960743145d282b8d8e6bcd71316d63a0cb7
fa6cb7e9295f0e275ed9071876c22c6132870233c63fd7a1801d4b6bf4ace447
fb196ab66e9861403332f2bbbcbb3ac469dcae3fac79a33e002348fda9a78cf4
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f