urlscan.io logo urlscan.io
SecurityTrails logo

www.manulife-travel.ca Open in urlscan Pro
23.217.153.66  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.manulife-travel.ca/
Submission: On March 21 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 32 HTTP transactions. The main IP is 23.217.153.66, located in New York, United States and belongs to AKAMAI-AS, US. The main domain is www.manulife-travel.ca.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on March 17th 2023. Valid for: a year.
This is the only time www.manulife-travel.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    23.217.153.66 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-153-66.deploy.static.akamaitechnologies.com
www.manulife-travel.ca
1    2607:f8b0:4006:820::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2600:141b:13:792::1e80 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
3    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4006:80e::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:807::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    63.140.36.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-139.data.adobedc.net
manulife.122.2o7.net
1    2607:f8b0:4006:820::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:821::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.ca
Apex Domain
Subdomains		 Transfer
19 manulife-travel.ca
www.manulife-travel.ca
1 MB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
157 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 456
79 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 8230
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
455 B
1 2o7.net
manulife.122.2o7.net
344 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
66 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
954 B
32 9
Domain Requested by
19 www.manulife-travel.ca www.manulife-travel.ca
3 connect.facebook.net assets.adobedtm.com
connect.facebook.net
3 assets.adobedtm.com www.manulife-travel.ca
assets.adobedtm.com
1 www.google.ca www.manulife-travel.ca
1 www.google.com www.manulife-travel.ca
1 manulife.122.2o7.net www.manulife-travel.ca
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com assets.adobedtm.com
1 fonts.googleapis.com www.manulife-travel.ca
32 9
Subject Issuer Validity Valid
manulife.com
Sectigo RSA Organization Validation Secure Server CA		 2023-03-17 -
2024-03-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.112.2o7.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-08 -
2023-04-20		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.manulife-travel.ca/
Frame ID: B416F0A89B6F90EF2347D915461C9D96
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Manulife Financial Travel Insurance | SISIP

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

10
IPs

1
Countries

1362 kB
Transfer

2397 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.manulife-travel.ca/ 		54 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
dca7661781b1395f58620017b2ca5c9356d6ccca9e7e512a3917e27c7c445bff
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
8962
Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Content-Type
text/html; charset=utf-8
Date
Tue, 21 Mar 2023 04:22:56 GMT
Expires
-1
Pragma
no-cache
Server
Kestrel
Strict-Transport-Security
max-age=31536000;
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Vcap-Request-Id
997a0d91-e148-41b9-7e29-b579b9032e75
X-Xss-Protection
1
css
fonts.googleapis.com/ 		3 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,800
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b033e27819e3eb96ecfa417b01445d7600d526e0e284b6b80adcc78c8b0dc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Mar 2023 04:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 04:05:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Mar 2023 04:22:56 GMT
jquery.min.js
www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/jquery.min.js
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
031038a14850d6c5204ab4310e47602da5d629b0477f3de531f141035c17deb9
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Server
Kestrel
Content-Type
text/javascript
X-Vcap-Request-Id
994fa7b5-b19f-405b-42bb-cbad62988f73
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
92783
X-Xss-Protection
1
main.min.css
www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/ 		219 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
9bf99d2f202bc33c00523146e4e2ba64d61dd406e6eb4ed87d8438f27253b3a0
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/css
X-Vcap-Request-Id
8f933b01-aa37-48f2-79fa-050ce7a89e79
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
35615
X-Xss-Protection
1
default.css
www.manulife-travel.ca/etc/designs/ 		0
0
launch-80a681ce3a6b.min.js
assets.adobedtm.com/b84dbf01908c/bfbe003d091e/ 		246 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/b84dbf01908c/bfbe003d091e/launch-80a681ce3a6b.min.js
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:792::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
babe044786622d34c01bab6c5555f8656d69a3c70e7176b07889901bdb22921e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:22:56 GMT
content-encoding
gzip
last-modified
Mon, 27 Feb 2023 17:44:41 GMT
server
AkamaiNetStorage
etag
"f5b80fe4fbb9fb0060ce55901789de91:1677519881.53721"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.manulife-travel.ca
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
66171
expires
Tue, 21 Mar 2023 05:22:56 GMT
manulife_logo_mobile_en.png
www.manulife-travel.ca/content/dam/cm-travel/b2cshared/sharedimages/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/content/dam/cm-travel/b2cshared/sharedimages/manulife_logo_mobile_en.png
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
e9028059af4cfe8d18897c63241c10a726145cb4ce06558e16cc17576d78d313
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Server
Kestrel
Content-Type
image/png
X-Vcap-Request-Id
9983e542-8102-4040-6d26-546ac8fe928a
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
6935
X-Xss-Protection
1
logo_mobile_en.jpg
www.manulife-travel.ca/content/dam/cm-travel/sisip/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/content/dam/cm-travel/sisip/logo_mobile_en.jpg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
a8f57a13be156511fd80bbcfe4a003189137e324410c985d7e18c087fa807bd8
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Server
Kestrel
Content-Type
image/jpeg
X-Vcap-Request-Id
7786a4e6-f436-4397-64be-9d400b7efc3f
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
24429
X-Xss-Protection
1
manulife_logo_desktop_en.png
www.manulife-travel.ca/content/dam/cm-travel/b2cshared/sharedimages/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/content/dam/cm-travel/b2cshared/sharedimages/manulife_logo_desktop_en.png
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
13c932aa883a5383dbc1beea1c30623fa4b2b19377511ee2ea2ef3d2051851c6
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/png
X-Vcap-Request-Id
72ec366d-417b-4c89-60ba-c41c5c09de7b
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
11891
X-Xss-Protection
1
logo_desktop_en.jpg
www.manulife-travel.ca/content/dam/cm-travel/sisip/ 		32 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/content/dam/cm-travel/sisip/logo_desktop_en.jpg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
e0788c3b913bf80d562e3ba9ebe9cf252567e3f918125c1c0cf7aa6e8b2985e6
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/jpeg
X-Vcap-Request-Id
9288f006-6d13-4f48-490f-aaa99f11502b
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
33218
X-Xss-Protection
1
SISIP_2840x630.jpg
www.manulife-travel.ca/content/dam/cm-travel/sisip/old_banners/ 		368 KB
369 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/content/dam/cm-travel/sisip/old_banners/SISIP_2840x630.jpg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
2ecab435e452d65a1f7a485d3839d9d42d8ae63b35011c84616d15062f3e632d
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Server
Kestrel
Content-Type
image/jpeg
X-Vcap-Request-Id
34034784-b3f6-422c-5d67-35c478435835
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
376848
X-Xss-Protection
1
SISIP_620x240.jpg
www.manulife-travel.ca/content/dam/cm-travel/sisip/old_banners/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/content/dam/cm-travel/sisip/old_banners/SISIP_620x240.jpg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
36b4a3028c71964f7dab32ce8a512ccbbc3636f71dbac83f9c0256b9445527c1
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/jpeg
X-Vcap-Request-Id
c79ade85-8171-4945-788b-3ec9badd0be5
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
68575
X-Xss-Protection
1
footer_logo_en.png
www.manulife-travel.ca/content/dam/cm-travel/b2cshared/sharedimages/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/content/dam/cm-travel/b2cshared/sharedimages/footer_logo_en.png
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
865bb96275ce556ef123fb4e2c7b4b5e6a10ffbfa21e264f6f5025770e38e739
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/png
X-Vcap-Request-Id
48dfa41f-8a73-42f4-53ac-7c0ec9302382
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
10796
X-Xss-Protection
1
main.min.js
www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/ 		252 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.js
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
570d069329a7bdcb1b1cbcc35bcdedc91eb5c7ba781f29e262a1ef70d2ddbb21
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Server
Kestrel
Content-Type
text/javascript
X-Vcap-Request-Id
2e934c5f-a36c-4a82-7eef-c70337f2e13a
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
257890
X-Xss-Protection
1
UYCSQ
www.manulife-travel.ca/-I7HB83U/jqbmkh6/S-FfQ05/CI/Eww3VX3X7Y/EUxMcWA/PgZKKA/ 		193 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.manulife-travel.ca/-I7HB83U/jqbmkh6/S-FfQ05/CI/Eww3VX3X7Y/EUxMcWA/PgZKKA/UYCSQ
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
9e0008cfe39ebdc1f4f9bffd4ac4727850d0c1e6587ac935a2add7e7378da6f1
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
X-Vcap-Request-Id
08607753-f856-4dbb-5cc7-e72a57ad3be5
Cache-Control
no-store,no-cache
Connection
keep-alive, Transfer-Encoding
X-Xss-Protection
1
ico-nav-arrow.svg
www.manulife-travel.ca/etc/designs/cm-travel/images/layout/ 		436 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/etc/designs/cm-travel/images/layout/ico-nav-arrow.svg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
65ef8a47223237aa4d0041af22ade0e5ebb4cc5387bf74a36ba29f7d9b321329
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Server
Kestrel
Content-Type
image/svg+xml
X-Vcap-Request-Id
7b3a2246-716d-461c-5246-a2dfab19a9dc
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
436
X-Xss-Protection
1
facebook-icon.svg
www.manulife-travel.ca/etc/designs/cm-travel/images/layout/ 		788 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/etc/designs/cm-travel/images/layout/facebook-icon.svg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
f3c7a0019d334743164d41c3f17d1ad376692a0a43fc772eb45888c054501809
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/svg+xml
X-Vcap-Request-Id
d30b2f90-297a-4323-557d-fe3ff9387274
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
788
X-Xss-Protection
1
twitter-icon.svg
www.manulife-travel.ca/etc/designs/cm-travel/images/layout/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/etc/designs/cm-travel/images/layout/twitter-icon.svg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
ffde22e733d68d81f4675c55e598eb5c917ee5ac97784f12f91d116a82989c4f
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/svg+xml
X-Vcap-Request-Id
6305edf9-2d84-4721-729e-3e839cb7a8be
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
1413
X-Xss-Protection
1
instagram-icon.svg
www.manulife-travel.ca/etc/designs/cm-travel/images/layout/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/etc/designs/cm-travel/images/layout/instagram-icon.svg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
24155e4a03c4f85390f18425c1646cb05fe9d71ff673a9f45f8f4a6d2cac8d0d
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/svg+xml
X-Vcap-Request-Id
51c42bb0-95ad-4123-4b0c-6d8f58bb3fc2
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
1095
X-Xss-Protection
1
linkedin-icon.svg
www.manulife-travel.ca/etc/designs/cm-travel/images/layout/ 		876 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/etc/designs/cm-travel/images/layout/linkedin-icon.svg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
845016e7759d25ec8cf6fdd8b5f4c1793fbe6d7574aad2bd5f75d5e6584da0c8
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/svg+xml
X-Vcap-Request-Id
7b397fed-1d02-4952-6d09-244d0c831017
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
876
X-Xss-Protection
1
youtube-icon.svg
www.manulife-travel.ca/etc/designs/cm-travel/images/layout/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.manulife-travel.ca/etc/designs/cm-travel/images/layout/youtube-icon.svg
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
ddc9713023e1dc06c5f200d292771a2acb1dee430b69bd534ce52378e95ff057
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:57 GMT
Server
Kestrel
Content-Type
image/svg+xml
X-Vcap-Request-Id
937d74ad-4956-4933-5ef5-e5bbd263596c
Cache-Control
public,max-age=86400
Connection
keep-alive
Content-Length
1108
X-Xss-Protection
1
MaterialIcons-Regular.woff2
www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main/resources/fonts/ 		43 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main/resources/fonts/MaterialIcons-Regular.woff2
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.217.153.66 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-66.deploy.static.akamaitechnologies.com
Software
Kestrel /
Resource Hash
42da7f7d8a64598ab8fd9baa18e88fa09288f43ae4c90e9a47441ee6810da0e3
Security Headers
Name Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.manulife-travel.ca/etc.clientlibs/cm-travel/clientlibs/main.min.css
Origin
https://www.manulife-travel.ca
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Security-Policy
default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Date
Tue, 21 Mar 2023 04:22:56 GMT
Content-Encoding
gzip
Server
Kestrel
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/html
X-Vcap-Request-Id
3c81522f-10bf-4958-49f5-9748e0e8dc39
Cache-Control
public,max-age=86400
Connection
keep-alive, Transfer-Encoding
X-Xss-Protection
1
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b84dbf01908c/bfbe003d091e/launch-80a681ce3a6b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:792::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

unused62
8096267
date
Tue, 21 Mar 2023 04:22:57 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.manulife-travel.ca
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Tue, 21 Mar 2023 05:22:57 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b84dbf01908c/bfbe003d091e/launch-80a681ce3a6b.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13:792::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

unused62
8096267
date
Tue, 21 Mar 2023 04:22:57 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.manulife-travel.ca
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Tue, 21 Mar 2023 05:22:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b84dbf01908c/bfbe003d091e/launch-80a681ce3a6b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 21 Mar 2023 04:22:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
oVRW7/McPOC1mqcs6hAiDfEvBveP9GyUuCz4E1kbl0maY2mDjpa/jBujxt+0ex+84stnJTnTjPPXZhFr+1aDBQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		182 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10826534458
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b84dbf01908c/bfbe003d091e/launch-80a681ce3a6b.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d3266a2586c636c8425cb0873e2c2422cf619291039e949569309d7cb0d0f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:22:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66943
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Mar 2023 04:22:57 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.99
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 21 Mar 2023 04:22:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ObmrbjsdGWFL28xTS57Osk+MQfDzCX84ZgNSkw93JG5NGjOyHMHRZ50BqWFUKSZ5AqimjKZTDh0bV+uvGFVLNw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
150026080405999
connect.facebook.net/signals/config/ 		380 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/150026080405999?v=2.9.99&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ccc22cad903d4187edbd6bf27313c726bdf9630f6791f13c656a0785f6983dc3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 21 Mar 2023 04:22:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111205
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
jCB4B+bPbsIoZGCaO64ar/wk+EX4vpIkGh3R5ujSc+yHjhldBI88WyflCttAGzBO1Vb7Hw2oW0f1yg/ESwtqkQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10826534458/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10826534458/?random=1679372577201&cv=11&fst=1679372577201&bg=ffffff&guid=ON&async=1&gtm=45be33f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.manulife-travel.ca%2F&tiba=Manulife%20Financial%20Travel%20Insurance%20%7C%20SISIP&auid=186109245.1679372577&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10826534458
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7718d5d63326807ebe726cc06aa899dbc88cf8f287df8bf13b44998774f11337
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 04:22:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1230
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s73344900463335
manulife.122.2o7.net/b/ss/manumfti/1/JS-2.22.4-LDQM/ 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://manulife.122.2o7.net/b/ss/manumfti/1/JS-2.22.4-LDQM/s73344900463335?AQB=1&ndh=1&pf=1&t=21%2F2%2F2023%204%3A22%3A57%202%200&mid=70077503715991910805395105219834926828&ce=UTF-8&ns=manulife&pageName=%2F&g=https%3A%2F%2Fwww.manulife-travel.ca%2F&c.&getPreviousValue=3.0&getNewRepeat=3.0&.c&cc=CAD&v2=New&c3=SISIP%20logo&v3=1&c4=mfti&c5=en&v6=SISIP%20logo&v7=mfti&v8=en&c19=manulife%20financial%20travel%20insurance%20%7C%20sisip&v23=manulife%20financial%20travel%20insurance%20%7C%20sisip&c24=manulife%20financial%20travel%20insurance%20%7C%20sisip&v52=manulife%20financial%20travel%20insurance%20%7C%20sisip&v54=www.manulife-travel.ca&v118=https%3A%2F%2Fwww.manulife-travel.ca%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=37B127E253DB11F10A490D4E%40AdobeOrg&AQE=1
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.36.139 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-36-139.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 04:22:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Mar 2023 04:22:57 GMT
server
jag
etag
3606425149078011904-4619757648925134439
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 20 Mar 2023 04:22:57 GMT
/
www.google.com/pagead/1p-user-list/10826534458/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10826534458/?random=1679372577201&cv=11&fst=1679371200000&bg=ffffff&guid=ON&async=1&gtm=45be33f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.manulife-travel.ca%2F&tiba=Manulife%20Financial%20Travel%20Insurance%20%7C%20SISIP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=982259141&rmt_tld=0&ipr=y
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 04:22:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/10826534458/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/10826534458/?random=1679372577201&cv=11&fst=1679371200000&bg=ffffff&guid=ON&async=1&gtm=45be33f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.manulife-travel.ca%2F&tiba=Manulife%20Financial%20Travel%20Insurance%20%7C%20SISIP&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=982259141&rmt_tld=1&ipr=y
Requested by
Host: www.manulife-travel.ca
URL: https://www.manulife-travel.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.manulife-travel.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 04:22:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.manulife-travel.ca
URL
https://www.manulife-travel.ca/etc/designs/default.css

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery function| navbarstate function| setCookie function| thFontSizeCalculate function| stickyHeader function| destroyStickyHeader function| TabClick function| planHeadingHeight function| isExternalLink function| getUrlParameter function| addQueryParam function| addMktParam function| $bu_getBrowser function| $buo function| Tether function| Popper object| bootstrap object| _buorgres object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| aaPlugins function| cookieWrite function| cookieRead string| g function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| getNewRepeat object| google_tag_manager object| google_tag_data object| dataLayer function| gtag object| GooglebQhCsO object| s_i_manumfti

7 Cookies

Domain/Path Name / Value
www.manulife-travel.ca/ Name: .TravelB2C
Value: CfDJ8IqNHRQookZBij9e5LDE74jOSyb%2FKOlYoDQuYrvhALFOqmmbJvvCqNVVCId5IkFVH3wj8LeRgPuMvdZ0POTajBOnD0Vq32Zaw01yd%2FYu88uMYlsYautjtrSXT4X0TPz0RytNfJQvHGo7hYFwcrHEgP4mxr8ccArTpAG6He0MW213
.manulife-travel.ca/ Name: ak_bmsc
Value: FBC819B3A2BDF677FB7376FC5F2FBCDA~000000000000000000000000000000~YAAQRl3bF23uMv2GAQAAoOhnAhMnTWusSt7UPQKOh5cs6g6BQWR1dD5hKNrUf4qfsFehTtRkvb8+SuQ27QNaBIy1Oq2fOahNayxcB2v1lKGB8WX5zCzFinpBvUwPM2OoPV++sxFznuIxWo+auhvCYb2g6C5wZvZ0ODCNRojqF5Uy8Lt9oUepccT51JeO9vFwX8aPhynIfvaQYzj5lFgYkWwasiXR0hrlf6h6hVi1ZG+GmLFZNalWCi+3KAeJa/CZAEqba5oiWLM7m0TC9l8PFwfq4Jw/0woY2SCQESKXywETn4RKlQSxLagXtsoXoGKEogUyzmgW5ZYxIBx0td41Mzron/ad8WOu1gBNfdyOjFwR1WILPxd34OLIx8uPYJ8D1x8hiO1xSDk=
.manulife-travel.ca/ Name: AMCV_37B127E253DB11F10A490D4E%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19438%7CMCMID%7C70077503715991910805395105219834926828%7CvVersion%7C5.4.0
.manulife-travel.ca/ Name: s_nr30
Value: 1679372577021-New
.manulife-travel.ca/ Name: _gcl_au
Value: 1.1.186109245.1679372577
.manulife-travel.ca/ Name: s_cc
Value: true
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
security error URL: https://www.manulife-travel.ca/
Message:
Refused to apply style from 'https://www.manulife-travel.ca/etc/designs/default.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://www.manulife-travel.ca/
Message:
Refused to execute script from 'https://www.manulife-travel.ca/-I7HB83U/jqbmkh6/S-FfQ05/CI/Eww3VX3X7Y/EUxMcWA/PgZKKA/UYCSQ' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://connect.facebook.net/ https://jadserve.postrelease.com 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://manulifefinancial.sc.omtrdc.net https://assets.adobedtm.com https://connect.facebook.net https://www.googletagmanager.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://bat.bing.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' https://manulife.122.2o7.net https://www.facebook.com https://www.google.com https://www.google.ca https://googleads.g.doubleclick.net https://bat.bing.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://sit.igoinsured.com https://sitmlex.pci.manulife.com https://uat.igoinsured.com https://www.igoinsured.com https://uatmlex.pci.manulife.com https://6104928.fls.doubleclick.net/ https://mlex.pci.manulife.com https://gateway.zscloud.net/ https://www.facebook.com/ https://bid.g.doubleclick.net/;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
manulife.122.2o7.net
www.google.ca
www.google.com
www.googletagmanager.com
www.manulife-travel.ca
www.manulife-travel.ca
23.217.153.66
2600:141b:13:792::1e80
2607:f8b0:4006:807::2002
2607:f8b0:4006:80e::2008
2607:f8b0:4006:820::2004
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::2003
2a03:2880:f012:8:face:b00c:0:1
63.140.36.139
031038a14850d6c5204ab4310e47602da5d629b0477f3de531f141035c17deb9
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
13c932aa883a5383dbc1beea1c30623fa4b2b19377511ee2ea2ef3d2051851c6
24155e4a03c4f85390f18425c1646cb05fe9d71ff673a9f45f8f4a6d2cac8d0d
2ecab435e452d65a1f7a485d3839d9d42d8ae63b35011c84616d15062f3e632d
36b4a3028c71964f7dab32ce8a512ccbbc3636f71dbac83f9c0256b9445527c1
42da7f7d8a64598ab8fd9baa18e88fa09288f43ae4c90e9a47441ee6810da0e3
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4d3266a2586c636c8425cb0873e2c2422cf619291039e949569309d7cb0d0f10
570d069329a7bdcb1b1cbcc35bcdedc91eb5c7ba781f29e262a1ef70d2ddbb21
65ef8a47223237aa4d0041af22ade0e5ebb4cc5387bf74a36ba29f7d9b321329
7718d5d63326807ebe726cc06aa899dbc88cf8f287df8bf13b44998774f11337
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
845016e7759d25ec8cf6fdd8b5f4c1793fbe6d7574aad2bd5f75d5e6584da0c8
865bb96275ce556ef123fb4e2c7b4b5e6a10ffbfa21e264f6f5025770e38e739
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
9b033e27819e3eb96ecfa417b01445d7600d526e0e284b6b80adcc78c8b0dc07
9bf99d2f202bc33c00523146e4e2ba64d61dd406e6eb4ed87d8438f27253b3a0
9e0008cfe39ebdc1f4f9bffd4ac4727850d0c1e6587ac935a2add7e7378da6f1
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a8f57a13be156511fd80bbcfe4a003189137e324410c985d7e18c087fa807bd8
babe044786622d34c01bab6c5555f8656d69a3c70e7176b07889901bdb22921e
ccc22cad903d4187edbd6bf27313c726bdf9630f6791f13c656a0785f6983dc3
dca7661781b1395f58620017b2ca5c9356d6ccca9e7e512a3917e27c7c445bff
ddc9713023e1dc06c5f200d292771a2acb1dee430b69bd534ce52378e95ff057
e0788c3b913bf80d562e3ba9ebe9cf252567e3f918125c1c0cf7aa6e8b2985e6
e9028059af4cfe8d18897c63241c10a726145cb4ce06558e16cc17576d78d313
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c7a0019d334743164d41c3f17d1ad376692a0a43fc772eb45888c054501809
ffde22e733d68d81f4675c55e598eb5c917ee5ac97784f12f91d116a82989c4f