www.aviva.ca Open in urlscan Pro
104.71.191.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://aviva.ca/
Effective URL:
https://www.aviva.ca/en/
Submission: On October 04 via manual (October 4th 2024, 5:16:18 pm UTC) from US — Scanned from CA

Summary HTTP 126 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 126 HTTP transactions. The main IP is 104.71.191.34, located in Piscataway, United States and belongs to AKAMAI-AS, US. The main domain is www.aviva.ca.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on August 9th 2024. Valid for: 9 months.

This is the only time www.aviva.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.223.81.247 76.223.81.247	16509 (AMAZON-02) (AMAZON-02)
1 59	104.71.191.34 104.71.191.34	16625 (AKAMAI-AS) (AKAMAI-AS)
11	104.18.86.42 104.18.86.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	23.204.18.149 23.204.18.149	16625 (AKAMAI-AS) (AKAMAI-AS)
5	23.51.57.57 23.51.57.57	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
126	7

1 76.223.81.247 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a003e149c7ba799c6.awsglobalaccelerator.com

aviva.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 104.71.191.34 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-191-34.deploy.static.akamaitechnologies.com

www.aviva.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.86.42 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 23.204.18.149 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-18-149.deploy.static.akamaitechnologies.com

cdn.aviva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.51.57.57 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-57.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	aviva.ca 2 redirects aviva.ca — Cisco Umbrella Rank: 795857 www.aviva.ca	1 MB
49	aviva.com cdn.aviva.com — Cisco Umbrella Rank: 389038	266 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	167 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	135 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	73 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	306 B
126	6

	Domain	Requested by
59	www.aviva.ca	1 redirects www.aviva.ca cdn.aviva.com
49	cdn.aviva.com	www.aviva.ca cdn.aviva.com
11	cdn.cookielaw.org	www.aviva.ca cdn.cookielaw.org
5	assets.adobedtm.com	www.aviva.ca assets.adobedtm.com
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	aviva.ca	1 redirects
126	7

This site contains links to these domains. Also see Links.

Domain
www.nationalhomewarranty.com
myaviva.avivainsurance.ca
www.insurancebusinessmag.com
www.greatplacetowork.ca
reviews.canadastop100.com
readerschoice.thestar.com
www.hrreporter.com
www.thestar.com
ibawards.ca
www.insurance-canada.ca
www.aviva.com
partner.aviva.ca
www.facebook.com
twitter.com
ca.linkedin.com
www.youtube.com
www.equiteassociation.com
www.onetrust.com

Subject Issuer	Validity	Valid
cert01.ca.aviva.com Sectigo RSA Extended Validation Secure Server CA	`2024-08-09` - `2025-05-08`	9 months	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
cert02.uk.aviva.com Sectigo RSA Extended Validation Secure Server CA	`2024-09-30` - `2025-09-30`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-13` - `2024-10-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.aviva.ca/en/
Frame ID: 6AAED49E9363E1C4FCF6DB1F3FD06F4B
Requests: 128 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Insurance Quotes Online & Compare Auto, Home & More | Aviva Canada

Page URL History Show full URLs

http://aviva.ca/ HTTP 307
https://aviva.ca/ HTTP 301
https://www.aviva.ca/ HTTP 302
https://www.aviva.ca/en/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

126
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1761 kB
Transfer

4310 kB
Size

7
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nationalhomewarranty.com/tools/claims.html
Title: Home Warranty Insurance Claim

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/claims/make-a-claim/landing?pid=pro-per-per-clm&adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1728062172
Title: Submit a claim

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/MyAccount/login?adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1728062172
Title: Access MyAviva

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/claims/make-a-claim/landing?riskType=auto&adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1728062172
Title: Auto claim

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/claims/make-a-claim/landing?riskType=property&adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1728062172
Title: Property claim

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/claims/make-a-claim/landing?pid=pro-per-per-clm&_ga=2.76290198.223596760.1606934750-1236993873.1606934750&adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1728062172
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.insurancebusinessmag.com/ca/news/construction/revealed--canadas-top-construction-insurers-for-2024-502844.aspx
Title: top construction insurers

Search URL Search Domain Scan URL

URL: https://www.insurancebusinessmag.com/ca/best-insurance/best-diversity-equity-and-inclusion-in-the-workplace-in-canada-484410.aspx
Title: Click here to read more

Search URL Search Domain Scan URL

URL: https://www.greatplacetowork.ca/en/best-workplaces/recent-list-publications
Title: 2024

Search URL Search Domain Scan URL

URL: https://reviews.canadastop100.com/top-employer-aviva?_gl=1*paj4po*_ga*NDcyMjkxNjQ3LjE3MDA2Njk2NTk.*_ga_H481FDLVWD*MTcwNDc0MjU2OS4xMS4wLjE3MDQ3NDI1NjkuMC4wLjA.#gta
Title: here

Search URL Search Domain Scan URL

URL: https://www.insurancebusinessmag.com/ca/best-insurance/brokers-on-the-top-insurance-carriers--5star-carriers-2023-466941.aspx
Title: Awarded 5-Star Carrier winner

Search URL Search Domain Scan URL

URL: https://readerschoice.thestar.com/readerschoice-toronto/categories/professional-services/subcategories/insurance-company
Title: See Best Insurance Company winners

Search URL Search Domain Scan URL

URL: https://www.hrreporter.com/best-in-hr/best-diversity-equity-and-inclusion-in-the-workplace-in-canada-5-star-dei-employers-2023/377392#winnersListSection
Title: See list of winners

Search URL Search Domain Scan URL

URL: https://www.thestar.com/readerschoice-toronto/categories/professional-services/subcategories/insurance-company
Title: See Best Insurance Company winners

Search URL Search Domain Scan URL

URL: https://www.thestar.com/readerschoice-toronto/categories/professional-services/subcategories/car-insurance-company
Title: See Best Car Insurance Company winners

Search URL Search Domain Scan URL

URL: https://ibawards.ca/winners-excellence-awardees/2022
Title: See list of winners

Search URL Search Domain Scan URL

URL: https://www.insurancebusinessmag.com/ca/best-insurance/5star-carriers-2022-428953.aspx
Title: See list of winners

Search URL Search Domain Scan URL

URL: https://www.insurance-canada.ca/insurance-canada-tech-award/2022-peoples-choice-award/
Title: See list of winners

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/claims/make-a-claim/landing?riskType=auto&pid=pro-per-car-clm&adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1728062172
Title: Submit your auto claim

Search URL Search Domain Scan URL

URL: https://myaviva.avivainsurance.ca/claims/make-a-claim/landing?riskType=property&pid=pro-per-hom-clm&adobe_mc=MCORGID%3D8225575E557166897F000101%2540AdobeOrg%7CTS%3D1728062172
Title: Submit your property claim

Search URL Search Domain Scan URL

URL: https://www.aviva.com/
Title: Aviva plc, corporate website

Search URL Search Domain Scan URL

URL: https://partner.aviva.ca/login/
Title: Aviva Partner

Search URL Search Domain Scan URL

URL: https://www.nationalhomewarranty.com/
Title: Home Warranty Insurance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AvivaCanada/
Title: Follow Us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/AvivaCanada
Title: Follow Us on Twitter

Search URL Search Domain Scan URL

URL: https://ca.linkedin.com/company/aviva-canada
Title: Follow Us on LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/avivacanada
Title: Follow Us on Youtube

Search URL Search Domain Scan URL

URL: https://www.equiteassociation.com/

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://aviva.ca/ HTTP 307
https://aviva.ca/ HTTP 301
https://www.aviva.ca/ HTTP 302
https://www.aviva.ca/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

126 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.aviva.ca/en/
Redirect Chain

http://aviva.ca/
https://aviva.ca/
https://www.aviva.ca/
https://www.aviva.ca/en/

126 KB
19 KB

364ms
364ms

Document
text/html

104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

c0580f9e1520629b168baf4c5a9b9b10ad01a55ae7845aeeb1aef585c240a046

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 17598
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
content-type: text/html; charset=UTF-8
date: Fri, 04 Oct 2024 17:16:10 GMT
etag: "1f574-623a8ae9a3bfe-gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Fri, 04 Oct 2024 15:54:11 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-akamai-transformed: 9 17370 0 pmb=mTOE,2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 208
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
content-type: text/html; charset=iso-8859-1
date: Fri, 04 Oct 2024 17:16:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.aviva.ca/en/
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 87ms
31ms Script
application/javascript 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCE3AD1BDFE4B6
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 32337
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:10 GMT
content-type: application/javascript
last-modified: Thu, 03 Oct 2024 13:13:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 22c02fad-e01e-0102-4b99-15d725000000
cf-ray: 8cd6d1789ce739e1-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 normalize.css
cdn.aviva.com/static/core/v.3.3.0/css/vendor/normalize/ 2 KB
1 KB 273ms
119ms Stylesheet
text/css 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/vendor/normalize/normalize.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

80bc044677cf80929d5d037919a68e2040d0b3632f80340b418a29fc8f5baaff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 897
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 postcss-split1.css
cdn.aviva.com/static/core/v.3.3.0/css/ 250 KB
21 KB 351ms
197ms Stylesheet
text/css 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

1bc9542c1c8c760c1561163c13a4a74dca5335392f2844c2273f20e8a92e8ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21579
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 postcss-split2.css
cdn.aviva.com/static/core/v.3.3.0/css/ 309 KB
22 KB 274ms
121ms Stylesheet
text/css 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d9addbda55aa12a20367b4afb563f3516b4db50edb4437de62e2704a6dcfa32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22286
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 postcss-split.css
cdn.aviva.com/static/core/v.3.3.0/css/ 337 KB
39 KB 312ms
159ms Stylesheet
text/css 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

ea681f855f779432a5b2cbb5ff740b95a533c3731d0d66281c8b03567da00a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39450
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 core.min.css
www.aviva.ca/etc/designs/aviva-public/1.49.2/css/ 199 KB
31 KB 172ms
166ms Stylesheet
text/css 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec92ce4898b64554e8af26eed6b09024f152008f2f64affe6c300dbfbb8f0e75

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: "31a12-6216a25541dd2-gzip"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:27:16 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30603
x-xss-protection: 1; mode=block

GET
H2 200 aviva-modal.css
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 19 KB
6 KB 172ms
167ms Stylesheet
text/css 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/aviva-modal.css?v=2024.09.05-2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

1a0948e98160002a3b821cd4cf703fea9eda4b847fc828fee905aeca128c0204

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"4db9-6216a1923017f-gzip"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:23:52 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4919
x-xss-protection: 1; mode=block

GET
H2 200 global-overrides.css
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 66 KB
10 KB 132ms
128ms Stylesheet
text/css 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

98348dab3a9c47f21b6a09f2777e6f35a8063f5190230081fd78723742248ade

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"108f3-6216a1928566a-gzip"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:23:52 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9304
x-xss-protection: 1; mode=block

GET
H2 200 modernizr-3.3.1.min.js Show response
www.aviva.ca/etc/designs/aviva-public/vendor/js/core/ 9 KB
5 KB 144ms
135ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/vendor/js/core/modernizr-3.3.1.min.js?v=2021.02.19

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

fd46dab6d4bbf6444c64c44318834c53d80fcd0547ed1f88a04576d41aa112ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: "2468-6216a1926664c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:17:02 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:23:52 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=51
accept-ranges: bytes
content-length: 3980
x-xss-protection: 1; mode=block

GET
H2 200 launch-76e68f2dde59.min.js Show response
assets.adobedtm.com/cb3f8d042d56/2daa76811d16/ 498 KB
120 KB 121ms
37ms Script
application/x-javascript 23.51.57.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Requested by: Host: www.aviva.ca
URL: https://www.aviva.ca/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1c391d65fdfecb14749faa25a105c5c05a3fe9832426a70ead84dd76e5bf349f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "ae07fbf4805008ae3375edd9607342b0:1727805706.156753"
expires: Fri, 04 Oct 2024 18:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 122261
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 18:01:46 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 73b3b4bf Show response
www.aviva.ca/akam/13/ 26 KB
9 KB 55ms
47ms Script
application/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/akam/13/73b3b4bf

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a1546a5731cdd2b460d8adbc09e84951ff88eee2a59699837c61f6fc068e9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=21600
content-encoding: gzip
etag: "f13893b8d4a3a55f8099b5f6a8a988e39116df3e2fdbf057f4c6a14d01a96045"
content-length: 8769
date: Fri, 04 Oct 2024 17:16:11 GMT
stored-attribute-sha-checksum: 3a1546a5731cdd2b460d8adbc09e84951ff88eee2a59699837c61f6fc068e9a3
last-modified: Thu, 22 Feb 2024 19:48:52 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 aviva-logo.svg
cdn.aviva.com/static/core/v.3.3.0/images/logo/ 7 KB
2 KB 348ms
196ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/logo/aviva-logo.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

4c619c1235dc58e0c64cf814dd6d74fd4b12e36eb6a1a0055b3c8b834af66b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1648
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 hero-img--mother-daughter-rubbing-noses-in-kitchen-at-home.$public_hero_desktop$.png
www.aviva.ca/content/dam/aviva-public/ca/hero/ 98 KB
99 KB 172ms
168ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/hero/hero-img--mother-daughter-rubbing-noses-in-kitchen-at-home.$public_hero_desktop$.png?$public_hero_desktop$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

c8a8a58557568a399a594cfe2def4486d7fd6fabe9ca0d699e63b2628dd09dce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "186df-6093111ee2928"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 100063
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 02 Nov 2023 20:16:59 GMT
content-type: image/png
x-edgeconnect-midmile-rtt: 0, 0, 5, 5, 0, 0, 1, 7
x-edgeconnect-origin-mex-latency: 390, 60, 27, 12, 82, 73, 14, 13
x-frame-options: SAMEORIGIN

GET
H2 200 badge-aviva-blue-5339_300-300.svg
www.aviva.ca/content/dam/aviva-public/icons/ 2 KB
3 KB 150ms
150ms Image
image/svg+xml 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/icons/badge-aviva-blue-5339_300-300.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

9650b89821b6c7a9ea4c3452538f8cbe60d296cd4a4c5b2a94f92551cba7c701

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com *.oribi.io
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: "780-5ec04afbb6ae4"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 27 Oct 2022 14:09:15 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 786
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0, 0, 0, 0, 0, 0, 0, 0, 4, 1, 1, 0, 0, 2, 0, 16, 0, 0, 0, 5, 0, 0, 0, 5, 0, 0
x-edgeconnect-origin-mex-latency: 13, 12, 61, 45, 36, 59, 13, 14, 12, 39, 59, 13, 13, 13, 12, 28, 38, 12, 64, 37, 13, 12, 12, 39, 12, 1117

GET
H2 200 badge-aviva-blue-5339_300-300.svg.png
www.aviva.ca/content/dam/aviva-public/icons/ 3 KB
4 KB 137ms
135ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/icons/badge-aviva-blue-5339_300-300.svg.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

1cd46dc2620ac43849ad52ce62860260143b63aa8500e84840e2c1e739e490e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "d15-5ec04b4e32866"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 3349
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 27 Oct 2022 14:10:42 GMT
content-type: image/png
x-edgeconnect-midmile-rtt: 0, 1, 6, 2
x-edgeconnect-origin-mex-latency: 12, 56, 12, 80
x-frame-options: SAMEORIGIN

GET
H2 200 first-time-driver.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/ 33 KB
35 KB 154ms
154ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/first-time-driver.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

decae05b3edb835dba799defc265cc3bfb0dfc42a1d2f437f3503723accaafa4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io
cache-control: max-age=31536000
etag: "851a-5cc14eceb31d7"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 34074
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 16 Sep 2021 04:05:29 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0, 0, 0, 0, 33, 0, 1, 0, 20, 0, 1, 0, 3, 0, 0, 2, 0, 0, 6, 1, 4, 1
x-edgeconnect-origin-mex-latency: 143, 43, 12, 60, 9, 65, 38, 16, 5, 61, 13, 17, 13, 12, 108, 38, 12, 38, 68, 45, 12, 13
x-frame-options: SAMEORIGIN

GET
H2 200 we-just-had-a-baby-and-bought-a-house.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/ 25 KB
26 KB 144ms
136ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/we-just-had-a-baby-and-bought-a-house.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

a8c57c526a584374a29c56537582dc9a33df32c0cd7b059a0f9f992b1df42a9c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "656d-5cc14e67e3346"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 25965
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 16 Sep 2021 04:03:41 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 56
x-frame-options: SAMEORIGIN

GET
H2 200 blog-img--couple-pondering-new-design-ideas.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/blog-images/ 31 KB
32 KB 246ms
239ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/blog-images/blog-img--couple-pondering-new-design-ideas.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a78896d17338e4114c6e2348071a23c239bf1b50c41948c269f078450a3db32

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: W/"7b5d-60905a3b17c47"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 31581
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Tue, 31 Oct 2023 16:28:06 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 3, 5, 0
x-edgeconnect-origin-mex-latency: 12, 405, 12
x-frame-options: SAMEORIGIN

GET
H2 200 promo-card--man-planting-tree.png
www.aviva.ca/content/dam/aviva-public/ca/images/ 275 KB
276 KB 182ms
175ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/promo-card--man-planting-tree.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

3741d10b48aff5d2f9952c700fc316b8eddaf95c4eabde0bfc536aef40119c00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: W/"44a80-60643a55b9e22"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 281216
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Tue, 26 Sep 2023 14:11:07 GMT
content-type: image/png
x-edgeconnect-midmile-rtt: 2, 0, 0, 1, 0, 0, 0, 10
x-edgeconnect-origin-mex-latency: 89, 12, 15, 13, 13, 13, 13, 44
x-frame-options: SAMEORIGIN

GET
H2 200 hero-img--father-daughter-looking-at-laptop.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/aviva-cyber-insurance/ 34 KB
35 KB 247ms
240ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/aviva-cyber-insurance/hero-img--father-daughter-looking-at-laptop.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

dba85183713cafca1e05da343b405f84f52c21f5fc58efc2c3b346feb12682fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "87c8-602e1e9c77279"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 34760
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Mon, 14 Aug 2023 13:19:33 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 5, 0
x-edgeconnect-origin-mex-latency: 564, 37
x-frame-options: SAMEORIGIN

GET
H2 200 aviva-electric-pump-hero.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/sustainability/ 21 KB
22 KB 258ms
250ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/sustainability/aviva-electric-pump-hero.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

648ca8b81c201e7e44a0c36d5486e38de7a1c302cd52ff7b2259b91260a89e7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com; frame-ancestors https://*.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
etag: "5267-6165080cbdac3"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 21095
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Wed, 17 Apr 2024 20:14:34 GMT
content-type: image/jpeg
x-frame-options: SAMEORIGIN

GET
H2 200 editorial-card--mobile-phone-in-hand.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 23 KB
25 KB 266ms
259ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/editorial-card--mobile-phone-in-hand.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

eecb48d646eb8af6de55b1e800ae165bb3cf7c1360f269be79e4370e520e7e80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io
cache-control: max-age=31536000
etag: "5be8-5fb7ffe8c6310"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 23528
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 12 May 2023 14:33:53 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 2, 1, 1, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0, 0, 0, 1
x-edgeconnect-origin-mex-latency: 26, 963, 65, 42, 13, 13, 13, 12, 55, 47, 12, 27, 13, 36, 55, 17, 12, 40, 57, 66, 42
x-frame-options: SAMEORIGIN

GET
H2 200 accessibility-windmills.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 45 KB
45 KB 265ms
258ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/accessibility-windmills.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

01a89789467b928bd0e2536da76229fd488c76d81a514feb5dbac2e85761f584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: W/"b29f-5cc14e67fdcb7"
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 45727
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 16 Sep 2021 04:03:42 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0, 0, 1, 0, 0, 0, 4, 6
x-edgeconnect-origin-mex-latency: 6, 18, 34, 15, 2, 6, 2, 4
x-frame-options: SAMEORIGIN

GET
H2 200 hero--abstract-blue-wires.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/business/ 25 KB
27 KB 275ms
268ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/business/hero--abstract-blue-wires.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

c9650903bb6b48ef93262a7aa56d230bb4511f01e9c31caa4560a6e0637c9923

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io
cache-control: max-age=31536000
etag: W/"6472-601daf8491647"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 25714
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Tue, 01 Aug 2023 11:37:20 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0, 0, 0, 0, 0, 0, 2, 0, 5, 0, 0, 2, 0, 0
x-edgeconnect-origin-mex-latency: 40, 12, 15, 44, 12, 13, 37, 93, 111, 19, 36, 12, 65, 80
x-frame-options: SAMEORIGIN

GET
H2 200 2020-make-a-claim-your-way.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 23 KB
24 KB 276ms
270ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/2020-make-a-claim-your-way.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

9ad078da3ac6ece36654fd56050d7d701490052bf9e11adf17b779660db55792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: "5ce1-5cc14e67ed758"
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 23777
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 16 Sep 2021 04:03:42 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0, 3, 0, 0, 0, 0, 0, 1, 11, 46, 0
x-edgeconnect-origin-mex-latency: 46, 29, 2, 3, 20, 2, 2, 20, 39, 5, 6
x-frame-options: SAMEORIGIN

GET
H2 200 ibc-brokers-on-construction-2024.$public_editorial_card$.png
www.aviva.ca/content/dam/aviva-public/ca/images/ 19 KB
20 KB 276ms
270ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/ibc-brokers-on-construction-2024.$public_editorial_card$.png?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

23eed986f183d55a4e24fbe63be70d4a4bea62cc730f2026e09529b43c574bf6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
etag: W/"4a61-6214dc26ce646"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 19041
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Wed, 04 Sep 2024 16:35:18 GMT
content-type: image/png
x-frame-options: SAMEORIGIN

GET
H2 200 logo--en-chhr-readers-choice-2024.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 14 KB
15 KB 278ms
273ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--en-chhr-readers-choice-2024.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

e44d0910d95cde11106b25817dec034b2f659dfc68aa67ba1539cc7c0fcd63b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com .cookielaw.org .onetrust.com .linkedin.com .reddit.com; frame-ancestors https://*.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

etag: "3812-61bd5963994ba"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 27 Jun 2024 02:07:02 GMT
content-type: image/jpeg
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com *.cookielaw.org *.onetrust.com *.linkedin.com *.reddit.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14354
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 11
x-edgeconnect-origin-mex-latency: 2

GET
H2 200 logo--en-ibc5star-2024.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 19 KB
20 KB 277ms
271ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--en-ibc5star-2024.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

9466a63733c35153b880caedd223d70e6618d0f08dd7cc7c7b07242d0fb393b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com; frame-ancestors https://*.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
etag: "4ba4-6175221c7b2cb"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 19364
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Tue, 30 Apr 2024 15:36:21 GMT
content-type: image/jpeg
x-frame-options: SAMEORIGIN

GET
H2 200 logo--en-great-place-to-work-2023-2024.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 12 KB
14 KB 288ms
282ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--en-great-place-to-work-2023-2024.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

c16f44b4e48e7eac88bc75525868a8c0d3ebb2fa4ecf7fd6fe1875423ee491ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "31ab-610dfc4a2a2c2"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 12715
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 08 Feb 2024 14:38:43 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 1, 1, 2, 0
x-edgeconnect-origin-mex-latency: 12, 37, 1120, 12
x-frame-options: SAMEORIGIN

GET
H2 200 logo--en-greater-toronto-top-employer-2024.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 21 KB
22 KB 290ms
285ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--en-greater-toronto-top-employer-2024.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

2cbcfff7575e57f9499fb6faeb7815119e67fa70471c11f95239dc4533d05990

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "536f-610dfd84c7e15"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 21359
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 08 Feb 2024 14:44:12 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 1, 12
x-edgeconnect-origin-mex-latency: 3929, 36
x-frame-options: SAMEORIGIN

GET
H2 200 logo--en-ib5star-winner.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 19 KB
20 KB 290ms
284ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--en-ib5star-winner.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

7399be3e6ca1c0ee8fbf3b5dee055886b37297511288b4da5ce49f74439c259e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "4d60-610dfc4a2b8c5"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 19808
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 08 Feb 2024 14:38:43 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 11, 9, 4
x-edgeconnect-origin-mex-latency: 12, 19, 64
x-frame-options: SAMEORIGIN

GET
H2 200 logo--en-toronto-star-readers-choice-gold-2023.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 16 KB
17 KB 291ms
286ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--en-toronto-star-readers-choice-gold-2023.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

6042ebaef015b82a9ba6b80770e6ad472e1e77330f368fb66bfe0a54ba5323bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "3e59-610dfd84c84d1"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 15961
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 08 Feb 2024 14:44:12 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 2, 0, 10
x-edgeconnect-origin-mex-latency: 14, 37, 2354
x-frame-options: SAMEORIGIN

GET
H2 200 logo--dei-cdn-hr-reporter.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 21 KB
23 KB 291ms
287ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--dei-cdn-hr-reporter.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

c1cadf0801d25d53570a09920f6b433c18affd4c2c6a15e29dd051bbb3ef29f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io
cache-control: max-age=31536000
etag: W/"5480-601db0199e54d"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 21632
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Tue, 01 Aug 2023 11:39:56 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 3, 0, 4, 0, 0, 0, 2, 0, 0, 0, 0, 0, 2, 0, 0, 13, 0
x-edgeconnect-origin-mex-latency: 132, 67, 60, 58, 17, 12, 18, 12, 64, 13, 13, 13, 64, 16, 95, 12, 2173
x-frame-options: SAMEORIGIN

GET
H2 200 logo--torstar-readers-choice-2022-diamond.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 16 KB
17 KB 292ms
288ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--torstar-readers-choice-2022-diamond.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

93cbe3412c1e99bf20aab251e2968ab7f8b9691c787ebbe4e20fca766d33fd7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "3fb9-5efcaad14ebdc"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 16313
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Wed, 14 Dec 2022 14:37:29 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0, 0, 8, 2, 4, 6
x-edgeconnect-origin-mex-latency: 16, 70, 36, 16, 243, 2703
x-frame-options: SAMEORIGIN

GET
H2 200 logo--en-ibc-2022.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 14 KB
15 KB 292ms
288ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--en-ibc-2022.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

39894f8e54d3df8d8232f2d7d4fc275c4393978ad2244f282676bd1a58db3335

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "36fe-5efcab067613b"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 14078
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Wed, 14 Dec 2022 14:38:25 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 1, 3, 1, 0
x-edgeconnect-origin-mex-latency: 24, 68, 57, 13
x-frame-options: SAMEORIGIN

GET
H2 200 logo--ibc-5star-carrier-2022.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 18 KB
20 KB 293ms
289ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--ibc-5star-carrier-2022.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

26dd992510049150305ae7312fed5198335901029e2f16bd61bd54401d82e888

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com *.oribi.io
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io
cache-control: max-age=31536000
etag: W/"480f-5efcab069b6eb"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 18447
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Wed, 14 Dec 2022 14:38:25 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 3, 4, 13, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 4
x-edgeconnect-origin-mex-latency: 62, 2, 24, 52, 37, 448, 58, 59, 51, 52, 80, 13, 13, 14, 289, 13, 2178, 2163
x-frame-options: SAMEORIGIN

GET
H2 200 logo--en-icta-finalist-2022.$public_editorial_card$.jpg
www.aviva.ca/content/dam/aviva-public/ca/images/ 14 KB
16 KB 294ms
290ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/images/logo--en-icta-finalist-2022.$public_editorial_card$.jpg?$public_editorial_card$

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

81b4604009269afc426e2098977e9f9d81e211b9356a574a0c1668138c4c0b87

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com *.oribi.io
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io
cache-control: max-age=31536000
etag: "3646-5efcab06866f7"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 13894
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Wed, 14 Dec 2022 14:38:25 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0, 2, 1, 0, 0, 2, 1, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 4, 0, 0, 0, 0, 0, 2, 6, 0, 2
x-edgeconnect-origin-mex-latency: 18, 13, 53, 12, 13, 13, 38, 12, 12, 16, 14, 12, 14, 12, 40, 12, 14, 40, 13, 60, 18, 17, 19, 58, 13, 55, 13, 23, 2163, 55, 13, 16, 66, 13
x-frame-options: SAMEORIGIN

GET
H2 200 Badge-Equite-Blue-EN.png
www.aviva.ca/content/dam/aviva-public/logos/ 20 KB
21 KB 294ms
291ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/logos/Badge-Equite-Blue-EN.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

4976976fa8ab2959946c4e96a275554f099d6c5968633506febe65f1e630d522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=31536000
etag: W/"5090-5d12f2cdc48b0"
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 20624
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Sat, 20 Nov 2021 02:30:29 GMT
content-type: image/png
x-edgeconnect-midmile-rtt: 0, 0, 0, 0, 0, 0, 1, 1, 0, 5, 0, 0, 0, 0, 0, 0
x-edgeconnect-origin-mex-latency: 99, 1, 122, 9, 13, 12, 13, 13, 20, 13, 59, 78, 43, 17, 12, 88
x-frame-options: SAMEORIGIN

GET
H2 200 init.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 21 KB
5 KB 313ms
310ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/init.js?v=2024.09.05-2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

d92d857d4df200abcc14acee55662de41d428cf2f1c453461ab45e86d31ef413

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"55ef-6216a192850dc"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:17:07 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:23:52 GMT
vary: Accept-Encoding
content-type: text/javascript
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=56
accept-ranges: bytes
content-length: 4105
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 458

GET
H2 200 faf19e2c-ab6d-4025-8008-ae2cb4580072.json Show response
cdn.cookielaw.org/consent/faf19e2c-ab6d-4025-8008-ae2cb4580072/ 4 KB
2 KB 83ms
41ms XHR
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/faf19e2c-ab6d-4025-8008-ae2cb4580072/faf19e2c-ab6d-4025-8008-ae2cb4580072.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24cd6f5b8656917eab7cdad902ad419e0148756c448f304353e7871db252c4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: 0mpIPDroO1mIfhx+F1KdGQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCC5E17085E2C8
age: 7125
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sat, 05 Oct 2024 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/json
last-modified: Mon, 26 Aug 2024 15:12:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 5a2ed972-101e-00f6-7aca-f7b49c000000
cf-ray: 8cd6d1791e28ac87-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1662
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 print.css
cdn.aviva.com/static/core/v.3.3.0/css/ 12 KB
3 KB 87ms
85ms Stylesheet
text/css 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/css/print.css

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

613f291a3ea06249a168b73652318eca603b5b9a7c933bf08feb2458a00abaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2534
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: text/css
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 97ms
37ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8cd6d179cfc0a226-YYZ
access-control-allow-origin: *
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/ 452 KB
110 KB 33ms
30ms Script
application/javascript 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb60550070f9a5ce5d91b9cb0d34ee6777a3dcb25de950cb185d1c2b624b2590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: btqcTGGxKzfJ1KoWzOA9vQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B7AC59A0
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 16123
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/javascript
last-modified: Thu, 15 Aug 2024 19:37:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: dc35e002-d01e-00eb-12a2-ef6d76000000
cf-ray: 8cd6d17b0f0d39e1-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112185
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 CA.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/flags/small/ 822 B
1015 B 122ms
121ms Image
image/png 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/flags/small/CA.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

d22ba65430ce6ee971c19978dff9a95f23a1b31fdd676e9b801ad5812a797703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 822
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 notification-warning.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/ 143 B
337 B 121ms
121ms Image
image/png 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/notification-warning.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e5e155d17ad05a6e38823b3afb7d4fb1bb1c6c1aca70cc0e482fa4c8f941079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 143
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 icon-usp-tick.png
www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/png/green/ 630 B
2 KB 188ms
187ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/png/green/icon-usp-tick.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

288a94250532445d47ed48274373a32d076972e5d6d164596e925cea89eefa77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Response headers

etag: W/"276-6216a23f26a8e"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:26:53 GMT
content-type: image/png
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 630
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 75
x-edgeconnect-origin-mex-latency: 109

GET
H2 200 icon-car.png
www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/png/multicolour/ 11 KB
13 KB 189ms
188ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/png/multicolour/icon-car.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

ecd6d6d0bc6a73e8e809f3b293bde32a4d1977308dbd35e8ce315038806d2100

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Response headers

etag: "2cc1-6216a2581d3a5"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:27:19 GMT
content-type: image/png
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11457
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 3110

GET
H2 200 icon-home.png
www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/png/multicolour/ 2 KB
4 KB 188ms
188ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/png/multicolour/icon-home.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae4af12d0237e31a3b97e0aab5e8dde0a8ba34933ef2162410f6ba17a9a07d69

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
etag: W/"73d-6216a23f32de1"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 1853
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:26:53 GMT
content-type: image/png
x-frame-options: SAMEORIGIN

GET
H2 200 icon-condo.png
www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/png/multicolour/ 1 KB
3 KB 190ms
189ms Image
image/png 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/png/multicolour/icon-condo.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

ff68954256171e19e9964db6b9b9be908cd1f18e1dbb8367de9af0ca02b6566b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
etag: W/"599-6216a2091722d"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 1433
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:25:56 GMT
content-type: image/png
x-frame-options: SAMEORIGIN

GET
H2 200 modal-photo-bg.jpg
www.aviva.ca/content/dam/aviva-public/ca/quote/ 29 KB
31 KB 238ms
237ms Image
image/jpeg 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/content/dam/aviva-public/ca/quote/modal-photo-bg.jpg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef640470ded5f3fcab2c29ab75dad29e4761df60663f7a50829bb010cde0f08a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .five9.com .amazon-adsystem.com .facebook.com .pinterest.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com .adobedtm.com .pinimg.com .amazon-adsystem.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .redditstatic.com .teads.tv .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com; connect-src 'self' cdn.aviva.com .amazon-adsystem.com .mktoresp.com .google.com .google-analytics.com .pinterest.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .teads.tv .redditstatic.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.five9.com *.amazon-adsystem.com *.facebook.com *.pinterest.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com; script-src 'self' 'unsafe-inline' cdn.aviva.com *.adobedtm.com *.pinimg.com *.amazon-adsystem.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.redditstatic.com *.teads.tv *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com; connect-src 'self' cdn.aviva.com *.amazon-adsystem.com *.mktoresp.com *.google.com *.google-analytics.com *.pinterest.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.teads.tv *.redditstatic.com
cache-control: max-age=31536000
etag: "7556-5cc14e5dbee26"
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
accept-ranges: bytes
content-length: 30038
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Thu, 16 Sep 2021 04:03:31 GMT
content-type: image/jpeg
x-edgeconnect-midmile-rtt: 0, 0, 0, 5
x-edgeconnect-origin-mex-latency: 13, 60, 13, 36
x-frame-options: SAMEORIGIN

GET
H2 200 external-link.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 296 B
490 B 114ms
112ms Image
image/png 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/external-link.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef62b1cd6c0c08e5207dd9aac5ae16be906b30b07272d3442aa5b6d229a4e4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 296
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 facebook-sprite.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 687 B
881 B 114ms
113ms Image
image/png 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/facebook-sprite.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

14c2fa6095807c2d3f99a94c89c152d3fad5a9850d5a473fa20b9f086823a922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 687
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 twitter-sprite.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 2 KB
2 KB 114ms
113ms Image
image/png 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/twitter-sprite.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f234e9965637f671774c12515e3837f16b5b62a4ec26e60d69eca5d3c288d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1663
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 linkedin-sprite.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 861 B
1 KB 114ms
113ms Image
image/png 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/linkedin-sprite.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

1898973c6fd7b6de48334fd7f747bf5910d2d0928bacdf309a832caa8bc61bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 861
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 youtube-sprite.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 1 KB
2 KB 114ms
114ms Image
image/png 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/youtube-sprite.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

6b7940f2febd9b5356fe2aebfaca02088451d50d5c6bc962381ba1f478da83f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1438
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 dropdown.png
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 945 B
1 KB 114ms
114ms Image
image/png 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/dropdown.png

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

ccc886ecf317012e82fbca6129a17462af04d4fb51d4e1b5e32977e639c2f685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 945
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/png
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 sourcesanspro-bold-webfont-base.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 21 KB
22 KB 551ms
71ms Font
font/woff2 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-bold-webfont-base.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

bd96e065b03bcab321ce111a63b368f08b25217115ee67a1827219b7ba2ebab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21804
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-regular-webfont-base.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 22 KB
22 KB 584ms
105ms Font
font/woff2 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-regular-webfont-base.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

c299052a00248b1cd445299d869b8025dd3108f601a986d3f56399c33d0a5039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22288
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 en-ca.json Show response
cdn.cookielaw.org/consent/faf19e2c-ab6d-4025-8008-ae2cb4580072/018f8202-840e-7b63-8111-8dec7c6edcba/ 80 KB
18 KB 41ms
41ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/faf19e2c-ab6d-4025-8008-ae2cb4580072/018f8202-840e-7b63-8111-8dec7c6edcba/en-ca.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e3b43082dfbff5371f6906e86e44ce86999eb0ccae3bb992135b6abb37ae11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: kf8ZUXy797U/EXaXvh002A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCC5E16FD66AE9
age: 7018
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sat, 05 Oct 2024 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/json
last-modified: Mon, 26 Aug 2024 15:12:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 34459da3-b01e-001e-74ca-f74967000000
cf-ray: 8cd6d17c095dac87-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18134
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 CA.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/flags/large/ 1 KB
765 B 126ms
125ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/flags/large/CA.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

b2a3ac010fb6da012d414ff4d2aef937835561686229ed979e418fcabae5d46c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 547
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 icon-usp-tick.svg
www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/svg/green/ 155 B
2 KB 141ms
139ms Image
image/svg+xml 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/svg/green/icon-usp-tick.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

5eeb69d98a6284b8b640ff2313e2f484ca33efdbb9e769043059be6c19a3f9d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Response headers

content-encoding: gzip
etag: W/"9b-6216a23f1323f"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:26:53 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 147
x-xss-protection: 1; mode=block

GET
H2 200 icon-home.svg
www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/svg/multicolour/ 461 B
2 KB 132ms
130ms Image
image/svg+xml 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/svg/multicolour/icon-home.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

78e931fea89cee7b966976556fa59fff1234c6e618f8638412fdefd98ebd1901

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Response headers

content-encoding: gzip
etag: W/"1cd-6216a23f5e55c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:26:53 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 265
x-xss-protection: 1; mode=block

GET
H2 200 icon-condo.svg
www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/svg/multicolour/ 496 B
2 KB 142ms
141ms Image
image/svg+xml 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/images/icons/svg/multicolour/icon-condo.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

0a7f2d89377fe97519b73d14f30b1e73cfa70a80554e2fef8ccf9a8eeb77fca0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/etc/designs/aviva-public/1.49.2/css/core.min.css?v=2021.02.19

Response headers

content-encoding: gzip
etag: W/"1f0-6216a20921e0f"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Sat, 04 Oct 2025 17:16:11 GMT
date: Fri, 04 Oct 2024 17:16:11 GMT
last-modified: Fri, 06 Sep 2024 02:25:56 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 285
x-xss-protection: 1; mode=block

GET
H2 200 external-link.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 2 KB
695 B 121ms
118ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/external-link.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

5214f0b12f6d038f35a061b40c6f36fc8c329d2d21d3fb1c9ecee8d3b9568c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split1.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 477
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 facebook-sprite.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 1 KB
596 B 121ms
118ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/facebook-sprite.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

40a10f09c8ae7b2a8c83091589cb1522fd817fd464dd1d5b9570abf702acd499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 378
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 twitter-sprite.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 2 KB
804 B 121ms
118ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/twitter-sprite.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

115712ec33924a79d72a3a4cdb32d02c98cc445528e6aa247d6dc589fb3d67a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 586
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 linkedin-sprite.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 1 KB
705 B 143ms
141ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/linkedin-sprite.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

41673777ea627ad546f0aa6263387040017fc2c105558e24bbba276f1e871044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 487
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 youtube-sprite.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/social/ 1 KB
865 B 121ms
119ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/social/youtube-sprite.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

194d7dc861a0f86e5b3ea21f2fb19fa108c6f9ff034f6bad8341d826262d3dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 647
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 13 KB
3 KB 33ms
32ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: HFRQn1JrLTlh4Ku3smscgQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B424DE74
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 7195
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: c7f0db4e-801e-001d-1eca-f74a60000000
cf-ray: 8cd6d17c79ceac87-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3003
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/v2/ 62 KB
13 KB 37ms
35ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: gHD/hbq7+H1F/GSzLFMxSw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B56E6320
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 43556
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 2a563851-a01e-000a-73ca-f78a03000000
cf-ray: 8cd6d17c79cfac87-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12723
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 5 KB
2 KB 35ms
34ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: O3m9h96R8jrQiO6UBOWOVA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD61B52A5384
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 7195
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/json
last-modified: Thu, 15 Aug 2024 19:37:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8212ddcf-501e-0050-55ca-f78c82000000
cf-ray: 8cd6d17c79d1ac87-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1738
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202407.2.0/assets/ 24 KB
4 KB 37ms
37ms Fetch
text/css 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 7195
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 19:37:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 85244194-001e-008f-12ca-f7ddd6000000
cf-ray: 8cd6d17c79d2ac87-YYZ
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 34 KB
12 KB 34ms
34ms Script
application/x-javascript 23.51.57.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "ade220db70aa3259d42f32d039757920:1689673134.025267"
expires: Fri, 04 Oct 2024 18:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 12463
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/x-javascript
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 3 KB
2 KB 36ms
36ms Script
application/x-javascript 23.51.57.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "051ec0e10d7fb5b48a8bf326aa3a7442:1689673134.518239"
expires: Fri, 04 Oct 2024 18:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 1597
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/x-javascript
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 75ms
35ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4431, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: kArZIXqNXdsdgYduzkXrS9HjRsjz6LM4OYDGnjOB0Ci375s4TFfxkNEqFtjD6GmaKuPbIh8leIlFDZb6P1VLmg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 RC644ce76735ee4d04a83a5de238659fc2-source.min.js Show response
assets.adobedtm.com/cb3f8d042d56/2daa76811d16/697fc558228c/ 867 B
678 B 36ms
35ms Script
application/x-javascript 23.51.57.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/697fc558228c/RC644ce76735ee4d04a83a5de238659fc2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 33797800b62023f90d04fecee08d31e963558c78ebfe4a91609b4ca39d0ce003

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "fb843bc8d9fdf1e17cba964ea51475a4:1727805707.496575"
expires: Fri, 04 Oct 2024 18:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 423
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 18:01:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
539 B 93ms
92ms Fetch
image/svg+xml 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 58977
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2024 19:22:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: eb07cccc-601e-00db-04f7-15375c000000
cf-ray: 8cd6d17dab7fac87-YYZ
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 aviva_logo_white_bg_140x50._v2.png
cdn.cookielaw.org/logos/5f4e30eb-4e49-40d1-b745-d29c24e0b29f/4cc38684-ccb3-4465-82bf-13e51b3031fc/5aa7014f-e06a-475a-b26f-631558064085/ 4 KB
4 KB 36ms
34ms Image
mage/png 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/5f4e30eb-4e49-40d1-b745-d29c24e0b29f/4cc38684-ccb3-4465-82bf-13e51b3031fc/5aa7014f-e06a-475a-b26f-631558064085/aviva_logo_white_bg_140x50._v2.png

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a07c979e9c0f6b9a5b1edcd198b9eda289e954533d9af5efb5036823fb07eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: 1FQVpBRCOy8vnnSZSi0A1Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DC2D7D3F140CD2
age: 61446
cf-cache-status: HIT
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: mage/png
last-modified: Wed, 14 Feb 2024 16:51:53 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 44536c02-501e-0032-65ba-9439f4000000
cf-ray: 8cd6d17dc95739e1-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4191
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 34ms
33ms Image
image/svg+xml 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 42526
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: image/svg+xml
last-modified: Thu, 03 Oct 2024 19:22:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: b155f26a-401e-0083-64cf-153327000000
cf-ray: 8cd6d17dc95839e1-YYZ
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 require.js Show response
cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/ 17 KB
6 KB 95ms
94ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/init.js?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

434eaf54c6a1bf62181a2f7a37f5f2539f60d116dcf9a0e4bbcb732688965138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:11 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6420
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H3 200 217092132896024 Show response
connect.facebook.net/signals/config/ 76 KB
16 KB 38ms
38ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/217092132896024?v=2.9.170&r=stable&domain=www.aviva.ca&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

beef454e4af0aee49ec7c226a380b34d1a7540c58bc88bf2113d97054921d631

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Fri, 04 Oct 2024 17:16:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=74, mss=1232, tbw=67295, tp=62, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: X1NQOcj2YKF6C5ATaWS7IRIGaF8EP4hj3c4+0sfI/wwqCkk3+vjxlYI0yXBhHkEd2+1Pt6tP2y0RwQe7BDW4jg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 15748
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 main.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/ 3 KB
2 KB 142ms
142ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/main.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

9c1cc3bc24ad3b897132b6891f3f119c44b9198aa893a971e56195bc21325b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1365
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 jquery-3-7-0-min.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 85 KB
31 KB 125ms
125ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/jquery-3-7-0-min.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"155a5-6216a1936be17"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:22 GMT
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:23:53 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=10
accept-ranges: bytes
content-length: 30383
x-xss-protection: 1; mode=block

POST
H2 200 pixel_73b3b4bf Show response
www.aviva.ca/akam/13/ 0
591 B 54ms
51ms XHR
text/html 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/akam/13/pixel_73b3b4bf

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/akam/13/73b3b4bf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-length: 0
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: text/html

GET
H2 200 sourcesanspro-semibold-webfont-base.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 21 KB
22 KB 81ms
79ms Font
font/woff2 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-semibold-webfont-base.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

e0e26e82b402f297de0f13cdfe66c5de1a5559add19442dd26790cb9f00a8cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21988
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-light-webfont-base.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 21 KB
22 KB 89ms
88ms Font
font/woff2 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-light-webfont-base.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

12c10e573781b8bd6a19e60bb756ea0dcc768eca8a7e256384bd5fbe29a61e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21828
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-semibold-webfont-extra.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 11 KB
11 KB 98ms
97ms Font
font/woff2 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-semibold-webfont-extra.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c0125bce106a77c7da7eecfe0dd98047848068e9b2799420bac2fda09495456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11280
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 sourcesanspro-regular-webfont-extra.woff2
cdn.aviva.com/static/core/v.4.13.0/fonts/ 11 KB
11 KB 103ms
102ms Font
font/woff2 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.4.13.0/fonts/sourcesanspro-regular-webfont-extra.woff2

Requested by

Host: www.aviva.ca
URL: https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/global-overrides.css?v=2024.09.05-2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

29a7b39128e58a5b560363255f9dc14f5563833a4b8331c4df438b05dc0504bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.aviva.ca
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "53cb2e671d745cb67e65ee87e2123733:1621871240.776168"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11380
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: font/woff2
last-modified: Mon, 24 May 2021 15:47:20 GMT

GET
H2 200 block.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/ 339 B
472 B 186ms
186ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/block.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

2448cbe428e1386ca469f3d900acab696f77d8cf70ed410b0dec8012dc33a7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 248
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 RC84ced9589a4b43708482e2d841cd98e4-source.min.js Show response
assets.adobedtm.com/cb3f8d042d56/2daa76811d16/697fc558228c/ 813 B
701 B 34ms
34ms Script
application/x-javascript 23.51.57.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/697fc558228c/RC84ced9589a4b43708482e2d841cd98e4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cb3f8d042d56/2daa76811d16/launch-76e68f2dde59.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.57 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9387c06fc18f94fe9d7bf799a3026e1be9258ecbb6ae16c398ee9f51c6663a48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "fb843bc8d9fdf1e17cba964ea51475a4:1727805707.496575"
expires: Fri, 04 Oct 2024 18:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.aviva.ca
content-length: 446
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Oct 2024 18:01:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 favicon.ico
www.aviva.ca/etc/designs/aviva-public/images/ 3 KB
2 KB 232ms
231ms Other
image/vnd.microsoft.icon 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/images/favicon.ico?v=2021.02.19

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e32181093bb9e29c8fc35663d11d42f4f71a8d98c2606d9e0d844aa479986ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
content-encoding: gzip
etag: "cbe-6216a180dda7c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 507
x-xss-protection: 1; mode=block
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:23:34 GMT
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 o-masthead.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/ 50 KB
10 KB 166ms
164ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/o-masthead.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

02f9a50da41909a431c5a6bc0136dfdb864d15395b950e7debd00e677dac71bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"c675-6216a272725dd"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:58 GMT
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:27:47 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=46
accept-ranges: bytes
content-length: 8534
x-xss-protection: 1; mode=block

GET
H2 200 m-card-close.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 552 B
591 B 148ms
145ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/m-card-close.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

738291574dbf7f2fec2f648b5ac9ca4ab1948c5842009d61ceb2c7667df9a843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 367
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 objectfit.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 814 B
648 B 148ms
146ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/objectfit.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d7054e43ce8b91430289349c993e84d41a8e0a7b60af38e7299524dab742785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 424
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 o-card-carousel.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 2 KB
941 B 149ms
147ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/o-card-carousel.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

74ede2cbbd2726a3816d75cdf7d0f8f9a7491082b6c835941944f7d32432a6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 717
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 o-contextual-help.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/ 7 KB
3 KB 130ms
128ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/o-contextual-help.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

1a810ac14d8e0dae13acf91c70a26e73ccb511002bebe7b63b084d00fd4e3c47

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"1ca0-6216a19bca8f7"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:28 GMT
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:24:02 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=16
accept-ranges: bytes
content-length: 1514
x-xss-protection: 1; mode=block

GET
H2 200 a-list-faq.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 1 KB
851 B 149ms
147ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/a-list-faq.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

f7a9dddbab17c79dd6fb4a621cd7b6e0bc7c1c913ae819c377afa60bff47414b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 627
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 m-radio-segmented.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 2 KB
1 KB 148ms
147ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/m-radio-segmented.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

0643c0278a85f07f8db35b9dca1a3cf925b07023e0446b4d943526993a64e840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 854
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 main.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/ 13 KB
4 KB 164ms
163ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/main.js?v=2024.09.05-2

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

7781eee45114653568143bda6a3ce08548251992d086e76f44706650668aaf2f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"3488-6216a193acb47"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:20 GMT
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:23:53 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=8
accept-ranges: bytes
content-length: 2481
x-xss-protection: 1; mode=block

GET
H2 200 o-modal.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/ 14 KB
5 KB 161ms
161ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/override/o-modal.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

8cfa5486c54ca27001dcd80bf8db28e1eef38e0985748dd54d24655f17258fc5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"3876-6216a2401d403"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:17:00 GMT
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:26:54 GMT
vary: Accept-Encoding
content-type: text/javascript
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=48
accept-ranges: bytes
content-length: 3450
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 86
x-edgeconnect-origin-mex-latency: 105

GET
H2 200 utility.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/ 2 KB
1 KB 156ms
156ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/utility.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

0145edba7a2aebcc5d9fc32ef047a0ccc1c7cecd3609db7f7d559fe1a3e2c20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 860
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 slick-carousel.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/ 42 KB
10 KB 138ms
137ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/slick-carousel.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

3df6c63cfbb1145cf075981f3158bb0e16ffcbc99087aaacdc58255000695f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10352
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 init.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/ 3 KB
2 KB 133ms
132ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/init.js?v=2024.09.05-2

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

37694ec351fb3635fe60812af0252d58d7eb81366e1769b758f32a886e819115

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"a07-6216a2068f08a"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:17:04 GMT
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:25:54 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=52
accept-ranges: bytes
content-length: 1025
x-xss-protection: 1; mode=block

GET
H2 200 arrow-down-white.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/ 270 B
437 B 148ms
148ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/arrow-down-white.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

e40b6b4571c30666f6e9a6dd5f2dbd53668ec5ea006a682eaddc77ceca966d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 arrow-down-white-small.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/ 252 B
417 B 223ms
223ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/arrow-down-white-small.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

e38250a24286a63e23ee03aff600d4a35eaf6ad60205aa358514c6f61a5f5969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 200
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 bowser-1.4.3.min.js Show response
www.aviva.ca/etc/designs/aviva-public/vendor/js/core/ 6 KB
4 KB 135ms
135ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/vendor/js/core/bowser-1.4.3.min.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

6cedbfc0180bcd3e6e9f116e59151ea35dd68f444a05b9a8fedbae7f2efbed4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: "18ba-6216a213d63e4"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:27 GMT
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:26:08 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=15
accept-ranges: bytes
content-length: 2307
x-xss-protection: 1; mode=block

GET
H2 200 picturePolyfill.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/util/ 1 KB
2 KB 139ms
138ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/util/picturePolyfill.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

34e7793f5c055ca5a4e464953c950d27a8adb471d65d7fba9440895bec594bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"4f6-6216a247cf335"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:27 GMT
date: Fri, 04 Oct 2024 17:16:12 GMT
last-modified: Fri, 06 Sep 2024 02:27:02 GMT
vary: Accept-Encoding
content-type: text/javascript
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=15
accept-ranges: bytes
content-length: 532
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 106

GET
H2 200 ajax-loader.gif
cdn.aviva.com/static/core/v.3.3.0/images/misc/ 3 KB
3 KB 110ms
110ms Image
image/gif 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/misc/ajax-loader.gif

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

e63cccc70ce3484037496c921a5b6d3808304f74ed62985b7a40a8764104b53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2642
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: image/gif
last-modified: Mon, 24 May 2021 15:46:45 GMT

GET
H2 200 arrow-left.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/ 213 B
402 B 105ms
105ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/arrow-left.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

44d386a7871a2b888b1b7b280d96b6f460f7509605d7c14e9821cafa5104b990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 184
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 arrow-right.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/ 212 B
401 B 104ms
104ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/arrows/arrow-right.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

23fa85cc8421e0c0c7a7063b0d913590903ca0816af72b8567fe24fed96e400b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:12 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 183
date: Fri, 04 Oct 2024 17:16:12 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 backToTop.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/ 2 KB
2 KB 142ms
139ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/backToTop.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

3bb9964462e69c296ff5d3161eb547891d50aba596078f91d322e9462ae7255a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"961-6216a213ff6d3"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:19 GMT
date: Fri, 04 Oct 2024 17:16:13 GMT
last-modified: Fri, 06 Sep 2024 02:26:08 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=6
accept-ranges: bytes
content-length: 836
x-xss-protection: 1; mode=block
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 434

GET
H2 200 js-menu-navigation.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 7 KB
2 KB 142ms
140ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/js-menu-navigation.js?v=2024.09.05-2

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

3b76e6afc9102159ecf5df56dd8e130db4a174feadfdcd15ef43c09b2d93d01a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"1a58-6216a1df7910f"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:41 GMT
date: Fri, 04 Oct 2024 17:16:13 GMT
last-modified: Fri, 06 Sep 2024 02:25:13 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=28
accept-ranges: bytes
content-length: 1208
x-xss-protection: 1; mode=block

GET
H2 200 country-language-selector-extension.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/ 3 KB
2 KB 144ms
143ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/country-language-selector-extension.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f966ad65314fe674f8ccd3e49ce614a30da7e3ad11dea7ee700669efa7c951a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: "ad0-6216a19caed7c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:23 GMT
date: Fri, 04 Oct 2024 17:16:13 GMT
last-modified: Fri, 06 Sep 2024 02:24:03 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=10
accept-ranges: bytes
content-length: 972
x-xss-protection: 1; mode=block

GET
H2 200 emergency-notification-block.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/ 2 KB
2 KB 142ms
141ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/blocks/emergency-notification-block.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

7783e3333d27cec324d28862daf75cc7dcc76ce0aab9526ed63b46cb48a65760

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: "63a-6216a1eaa60aa"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:25 GMT
date: Fri, 04 Oct 2024 17:16:13 GMT
last-modified: Fri, 06 Sep 2024 02:25:24 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=12
accept-ranges: bytes
content-length: 619
x-xss-protection: 1; mode=block

GET
H2 200 avivaModals.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 21 KB
6 KB 142ms
142ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/avivaModals.js?v=2024.09.05-2

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

f4c3223d8ff34087d49e086e3972d0f3c2184c15644d583b802ed6d020345045

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"533d-6216a1df8ae3a"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:21 GMT
date: Fri, 04 Oct 2024 17:16:13 GMT
last-modified: Fri, 06 Sep 2024 02:25:13 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=8
accept-ranges: bytes
content-length: 4473
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
www.aviva.ca/etc/designs/aviva-public/1.49.2/js/util/ 914 B
2 KB 136ms
135ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva-public/1.49.2/js/util/cookie.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

a138711e3fd6ba8d769df39ce01fbb26e6b32677ea84d5990a54638824266205

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: W/"392-6216a1655e80c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:22 GMT
date: Fri, 04 Oct 2024 17:16:13 GMT
last-modified: Fri, 06 Sep 2024 02:23:05 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=9
accept-ranges: bytes
content-length: 403
x-xss-protection: 1; mode=block

GET
H2 200 js.cookie.js Show response
www.aviva.ca/etc/designs/aviva/clientlibs/uk/ 5 KB
3 KB 140ms
140ms Script
text/javascript 104.71.191.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aviva.ca/etc/designs/aviva/clientlibs/uk/js.cookie.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.191.34 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-191-34.deploy.static.akamaitechnologies.com

Software

Resource Hash

520092d1701ff382044e9cf69851a8c2396850f86ad3240af79ec00d4aa663e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/en/

Response headers

content-encoding: gzip
etag: "147e-6216a1940b8e6"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 17:16:22 GMT
date: Fri, 04 Oct 2024 17:16:13 GMT
last-modified: Fri, 06 Sep 2024 02:23:54 GMT
content-type: text/javascript
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' *.aviva.ca *.five9.com *.facebook.com *.doubleclick.net *.youtube.com *.moneris.com *.google.com *.demdex.net *.appliedsystems.com *.pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' *.aviva.ca cdn.aviva.com *.adobedtm.com *.amazon.com *.google-analytics.com *.facebook.net *.googletagmanager.com *.bing.com *.googleadservices.com *.invocacdn.com *.marketo.net *.doubleclick.net *.google.com *.moneris.com *.gstatic.com *.five9.com *.clarity.ms *.clearbitjs.com *.acuityplatform.com *.stackadapt.com *.licdn.com *.youtube.com *.cookielaw.org ajax.aspnetcdn.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' *.five9.com *.stackadapt.com fonts.googleapis.com; connect-src 'self' *.amazon.com cdn.aviva.com *.mktoresp.com *.google.com *.google-analytics.com *.bing.com *.doubleclick.net *.google.ca *.demdex.net avivacanada.tt.omtrdc.net *.stackadapt.com *.oribi.io *.cookielaw.org *.linkedin.com *.reddit.com *.redditstatic.com *.onetrust.com *.pinterest.com *.teads.tv *.pinimg.com *.amazon-adsystem.com *.redditstatic.com *.amazon *.aviva.ca *.pardot.com; frame-ancestors https://*.aviva.ca
cache-control: max-age=9
accept-ranges: bytes
content-length: 1545
x-xss-protection: 1; mode=block

GET
H2 200 notification-warning.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/ 415 B
497 B 182ms
180ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/notification-warning.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

264db88e12581e8eb6af909d3c36af1c0016963a80363a0ef2cbf7e45958bb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 280
date: Fri, 04 Oct 2024 17:16:13 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 cross-grey.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/ 238 B
409 B 181ms
180ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/cross-grey.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

824bb9b5249bff9da1815e7bd0521ecc56e116042fa80670332882bff14dd6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 192
date: Fri, 04 Oct 2024 17:16:13 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 cross-white.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/ 235 B
407 B 108ms
107ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/cross-white.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

2c9f89242a608ad2b69b67389f05d2c980a9702c0580972fe9f5f93157e5bc93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 189
date: Fri, 04 Oct 2024 17:16:13 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 dropdown.svg
cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/ 1 KB
548 B 107ms
107ms Image
image/svg+xml 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/images/icons/sprites/dropdown.svg

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a5974425043f506cf9bcf6e97380a0bff1ffa7b3014632a6e899fb4aeddd5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdn.aviva.com/static/core/v.3.3.0/css/postcss-split2.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 330
date: Fri, 04 Oct 2024 17:16:13 GMT
content-type: image/svg+xml
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 scrollable.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/blocks/ 797 B
674 B 95ms
94ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/blocks/scrollable.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

6f6eb81c9e8918b3bbf0c2021f006c1d7a4ea4bf13012cb6bc9559e4ab58fa1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 450
date: Fri, 04 Oct 2024 17:16:13 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 jquery-ui.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/ 38 KB
11 KB 232ms
231ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/jquery-ui.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a7f51d8f410616df3c0776bea8166beb1d49d0aeb1634dc12716224617da2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11523
date: Fri, 04 Oct 2024 17:16:13 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 mousewheel.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/ 3 KB
1 KB 235ms
235ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/mousewheel.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

1b48eaf5c56f4a1722b58ecfcfeb18cf131e328252c14c17cb0de9ea5778deb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1170
date: Fri, 04 Oct 2024 17:16:13 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

GET
H2 200 mCustomScrollbar.js Show response
cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/ 39 KB
12 KB 231ms
231ms Script
application/x-javascript 23.204.18.149
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.aviva.com/static/core/v.3.3.0/js/vendor/jquery/mCustomScrollbar.js

Requested by

Host: cdn.aviva.com
URL: https://cdn.aviva.com/static/core/v.3.3.0/js//vendor/core/require.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.204.18.149 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-18-149.deploy.static.akamaitechnologies.com

Software

Resource Hash

36f33c52339615a309cc817f4045dcc48fefb41d04b9cbe0023364165249166d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.aviva.ca/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: "afdaca495841d2b72bc3b216c4e004eb:1621871205.315667"
expires: Sun, 03 Nov 2024 17:16:13 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11856
date: Fri, 04 Oct 2024 17:16:13 GMT
content-type: application/x-javascript
last-modified: Mon, 24 May 2021 15:46:45 GMT
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.aviva.ca/	1970-01-21 00:01:02	Name: akacd_f_g_ca Value: 1728062770~rv=38~id=ce9366ff86dc74e74d18ddaa8c1e52ab
.aviva.ca/	1970-01-21 00:01:09	Name: bm_mi Value: 4DF0D8E609140FF23348634A686F7BA4~YAAQl0A2F/2gsDGSAQAA1SaIWBlqzJxBLPMYHdzJ6WaTCzTHe+v4wGKU8BFk/lC1dpgDP+5nGiaH4c/H/UBqS+xNhjtrVF2qcUNTAPnE/a9lODJ6Ugd9Hun/mg7YvYukz5LCwmCh4M188kmzrFQyp+KKy9ain9Uzwtu48rZYATyOl/eavnAHw0Bt9jY37szQqpxq7Os+c4lrVp46dXaO8K/nSySenljPTKxjsUc7eMfv8zlLzrtDIawAsXqWC4WnGqp82MSSRjDf0+2caPE/i5WXIukglxG4K/I+bUEJh8CArFcoKUpgO2U8N0gw0c0=~1
.aviva.ca/	1970-01-21 00:01:09	Name: bm_sv Value: AF03E1E6EF09DF1D5680EF7C00118EE9~YAAQl0A2F/6gsDGSAQAA1SaIWBl2bZnVL/ApYyp/DsasBcqTHc3hnlREmtjPPPPo/mYXMxBPaDABU5eMilr6tw80LiwflaGQ27hHnzq8Vy1nK6LEYA/YZCPOrHMe4u2zYrC3By772wCKhK9Bxy8zO/4cI+lJq1eROUZGNaYqZD1KSLGLfWlSOCil7rh6tzsX8MhY8KvHOrwbRP7sgD2Ezcc32+Kh0Smdq+Xbe8WcffC16a+Zf5bGYK/nCdUATw==~1
cdn.aviva.com/	1970-01-21 00:01:02	Name: akacd_f_d_eu_l Value: 1728062771~rv=76~id=fd72e0484eaa0d9825cfa5fb1c0aeb4e
.aviva.ca/	1969-12-31 23:59:59	Name: at_check Value: true
.aviva.ca/	1970-01-21 08:46:38	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Oct+04+2024+10%3A16%3A11+GMT-0700+(Pacific+Daylight+Time)&version=202407.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=37e33057-993e-46ce-a3f5-5df699314856&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.aviva.ca%2Fen%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.aviva.ca/	1970-01-21 00:01:09	Name: ak_bmsc Value: 5A7EDFD518AA236D65B6B643E0165C6C~000000000000000000000000000000~YAAQl0A2FxmhsDGSAQAAsSuIWBnW5s/P5icxwK8O1BayGe6fvYWBmzaJHZAa4ZHDIQHC1Iz3Py66Z6KGDSxlzauqoVpArkuZILAlfcSPpFrYCmJ8SlmY4cUfTddNWEDWOwOd34XmmNrfi/i2lusrRrKjTVAxNJwMxhUi+26wniHXIaKsCmm6LjQYuLbbIeZ31rwiSWPsDqgyw7JnovLDlXwCrqwekKgIN1Jdwq5cWsB6J9EnM7oOtq41+ytTUA9zBoLMk9m+UWKbDVuPPuAwFc7cgEaawXoSFZp16hvj1LSIBVwJFjEyNYjg+FJpij+01ptCNTff+7BxzZ3Ll6gGyJv+wg/WsNcyYnbLalO1sacihYjELb1rpo7Q0mNHUDATBZoGHxXI4Nt9RqtyYfX3l01J7kq9D5P9k36A6Mi+RBnhZd1dT45rzmVmE5ZYoXbTFTcZ/Sb4Yorl0YsShTus0mb8R6U/G+oxyQIsS7y5aFQ=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' cdn.aviva.com data:; font-src 'self' cdn.aviva.com fonts.gstatic.com data:; img-src * data:; media-src 'self' data:; frame-src 'self' .aviva.ca .five9.com .facebook.com .doubleclick.net .youtube.com .moneris.com .google.com .demdex.net .appliedsystems.com .pinterest.com; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' .aviva.ca cdn.aviva.com .adobedtm.com .amazon.com .google-analytics.com .facebook.net .googletagmanager.com .bing.com .googleadservices.com .invocacdn.com .marketo.net .doubleclick.net .google.com .moneris.com .gstatic.com .five9.com .clarity.ms .clearbitjs.com .acuityplatform.com .stackadapt.com .licdn.com .youtube.com .cookielaw.org ajax.aspnetcdn.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .pardot.com; style-src 'self' cdn.aviva.com 'unsafe-inline' .five9.com .stackadapt.com fonts.googleapis.com; connect-src 'self' .amazon.com cdn.aviva.com .mktoresp.com .google.com .google-analytics.com .bing.com .doubleclick.net .google.ca .demdex.net avivacanada.tt.omtrdc.net .stackadapt.com .oribi.io .cookielaw.org .linkedin.com .reddit.com .redditstatic.com .onetrust.com .pinterest.com .teads.tv .pinimg.com .amazon-adsystem.com .redditstatic.com .amazon .aviva.ca .pardot.com; frame-ancestors https://.aviva.ca
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
aviva.ca
cdn.aviva.com
cdn.cookielaw.org
connect.facebook.net
geolocation.onetrust.com
www.aviva.ca
104.18.86.42
104.71.191.34
172.64.155.119
23.204.18.149
23.51.57.57
31.13.71.7
76.223.81.247
0145edba7a2aebcc5d9fc32ef047a0ccc1c7cecd3609db7f7d559fe1a3e2c20e
01a89789467b928bd0e2536da76229fd488c76d81a514feb5dbac2e85761f584
02f9a50da41909a431c5a6bc0136dfdb864d15395b950e7debd00e677dac71bd
0643c0278a85f07f8db35b9dca1a3cf925b07023e0446b4d943526993a64e840
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0a7f2d89377fe97519b73d14f30b1e73cfa70a80554e2fef8ccf9a8eeb77fca0
115712ec33924a79d72a3a4cdb32d02c98cc445528e6aa247d6dc589fb3d67a3
12c10e573781b8bd6a19e60bb756ea0dcc768eca8a7e256384bd5fbe29a61e0c
14c2fa6095807c2d3f99a94c89c152d3fad5a9850d5a473fa20b9f086823a922
1898973c6fd7b6de48334fd7f747bf5910d2d0928bacdf309a832caa8bc61bc4
194d7dc861a0f86e5b3ea21f2fb19fa108c6f9ff034f6bad8341d826262d3dc1
1a0948e98160002a3b821cd4cf703fea9eda4b847fc828fee905aeca128c0204
1a810ac14d8e0dae13acf91c70a26e73ccb511002bebe7b63b084d00fd4e3c47
1b48eaf5c56f4a1722b58ecfcfeb18cf131e328252c14c17cb0de9ea5778deb6
1bc9542c1c8c760c1561163c13a4a74dca5335392f2844c2273f20e8a92e8ed5
1c391d65fdfecb14749faa25a105c5c05a3fe9832426a70ead84dd76e5bf349f
1cd46dc2620ac43849ad52ce62860260143b63aa8500e84840e2c1e739e490e0
1d7054e43ce8b91430289349c993e84d41a8e0a7b60af38e7299524dab742785
1d9addbda55aa12a20367b4afb563f3516b4db50edb4437de62e2704a6dcfa32
1e32181093bb9e29c8fc35663d11d42f4f71a8d98c2606d9e0d844aa479986ba
23eed986f183d55a4e24fbe63be70d4a4bea62cc730f2026e09529b43c574bf6
23fa85cc8421e0c0c7a7063b0d913590903ca0816af72b8567fe24fed96e400b
2448cbe428e1386ca469f3d900acab696f77d8cf70ed410b0dec8012dc33a7d5
24cd6f5b8656917eab7cdad902ad419e0148756c448f304353e7871db252c4f7
264db88e12581e8eb6af909d3c36af1c0016963a80363a0ef2cbf7e45958bb94
26dd992510049150305ae7312fed5198335901029e2f16bd61bd54401d82e888
288a94250532445d47ed48274373a32d076972e5d6d164596e925cea89eefa77
29a7b39128e58a5b560363255f9dc14f5563833a4b8331c4df438b05dc0504bd
2c9f89242a608ad2b69b67389f05d2c980a9702c0580972fe9f5f93157e5bc93
2cbcfff7575e57f9499fb6faeb7815119e67fa70471c11f95239dc4533d05990
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
33797800b62023f90d04fecee08d31e963558c78ebfe4a91609b4ca39d0ce003
34e7793f5c055ca5a4e464953c950d27a8adb471d65d7fba9440895bec594bb3
36f33c52339615a309cc817f4045dcc48fefb41d04b9cbe0023364165249166d
3741d10b48aff5d2f9952c700fc316b8eddaf95c4eabde0bfc536aef40119c00
37694ec351fb3635fe60812af0252d58d7eb81366e1769b758f32a886e819115
39894f8e54d3df8d8232f2d7d4fc275c4393978ad2244f282676bd1a58db3335
3a1546a5731cdd2b460d8adbc09e84951ff88eee2a59699837c61f6fc068e9a3
3a5974425043f506cf9bcf6e97380a0bff1ffa7b3014632a6e899fb4aeddd5b7
3a78896d17338e4114c6e2348071a23c239bf1b50c41948c269f078450a3db32
3b76e6afc9102159ecf5df56dd8e130db4a174feadfdcd15ef43c09b2d93d01a
3bb9964462e69c296ff5d3161eb547891d50aba596078f91d322e9462ae7255a
3df6c63cfbb1145cf075981f3158bb0e16ffcbc99087aaacdc58255000695f52
40a10f09c8ae7b2a8c83091589cb1522fd817fd464dd1d5b9570abf702acd499
41673777ea627ad546f0aa6263387040017fc2c105558e24bbba276f1e871044
434eaf54c6a1bf62181a2f7a37f5f2539f60d116dcf9a0e4bbcb732688965138
44d386a7871a2b888b1b7b280d96b6f460f7509605d7c14e9821cafa5104b990
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
4976976fa8ab2959946c4e96a275554f099d6c5968633506febe65f1e630d522
4c619c1235dc58e0c64cf814dd6d74fd4b12e36eb6a1a0055b3c8b834af66b68
4e5e155d17ad05a6e38823b3afb7d4fb1bb1c6c1aca70cc0e482fa4c8f941079
520092d1701ff382044e9cf69851a8c2396850f86ad3240af79ec00d4aa663e0
5214f0b12f6d038f35a061b40c6f36fc8c329d2d21d3fb1c9ecee8d3b9568c7f
5eeb69d98a6284b8b640ff2313e2f484ca33efdbb9e769043059be6c19a3f9d2
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640
6042ebaef015b82a9ba6b80770e6ad472e1e77330f368fb66bfe0a54ba5323bc
613f291a3ea06249a168b73652318eca603b5b9a7c933bf08feb2458a00abaf2
648ca8b81c201e7e44a0c36d5486e38de7a1c302cd52ff7b2259b91260a89e7d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a7f51d8f410616df3c0776bea8166beb1d49d0aeb1634dc12716224617da2e7
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
6b7940f2febd9b5356fe2aebfaca02088451d50d5c6bc962381ba1f478da83f4
6cedbfc0180bcd3e6e9f116e59151ea35dd68f444a05b9a8fedbae7f2efbed4e
6f6eb81c9e8918b3bbf0c2021f006c1d7a4ea4bf13012cb6bc9559e4ab58fa1f
738291574dbf7f2fec2f648b5ac9ca4ab1948c5842009d61ceb2c7667df9a843
7399be3e6ca1c0ee8fbf3b5dee055886b37297511288b4da5ce49f74439c259e
74ede2cbbd2726a3816d75cdf7d0f8f9a7491082b6c835941944f7d32432a6c0
7781eee45114653568143bda6a3ce08548251992d086e76f44706650668aaf2f
7783e3333d27cec324d28862daf75cc7dcc76ce0aab9526ed63b46cb48a65760
78e931fea89cee7b966976556fa59fff1234c6e618f8638412fdefd98ebd1901
7a07c979e9c0f6b9a5b1edcd198b9eda289e954533d9af5efb5036823fb07eb1
7c0125bce106a77c7da7eecfe0dd98047848068e9b2799420bac2fda09495456
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7dbc72c3f0511495fdf45d42283a246613db44b0906199cef195a773068d822f
7e3b43082dfbff5371f6906e86e44ce86999eb0ccae3bb992135b6abb37ae11d
80bc044677cf80929d5d037919a68e2040d0b3632f80340b418a29fc8f5baaff
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81b4604009269afc426e2098977e9f9d81e211b9356a574a0c1668138c4c0b87
824bb9b5249bff9da1815e7bd0521ecc56e116042fa80670332882bff14dd6b6
8cfa5486c54ca27001dcd80bf8db28e1eef38e0985748dd54d24655f17258fc5
8f234e9965637f671774c12515e3837f16b5b62a4ec26e60d69eca5d3c288d13
8f764efbb2cdb303e3019325d811225ead27d656f8b40390de427db1415dc56a
8f966ad65314fe674f8ccd3e49ce614a30da7e3ad11dea7ee700669efa7c951a
9387c06fc18f94fe9d7bf799a3026e1be9258ecbb6ae16c398ee9f51c6663a48
93cbe3412c1e99bf20aab251e2968ab7f8b9691c787ebbe4e20fca766d33fd7b
9466a63733c35153b880caedd223d70e6618d0f08dd7cc7c7b07242d0fb393b3
9650b89821b6c7a9ea4c3452538f8cbe60d296cd4a4c5b2a94f92551cba7c701
98348dab3a9c47f21b6a09f2777e6f35a8063f5190230081fd78723742248ade
9ad078da3ac6ece36654fd56050d7d701490052bf9e11adf17b779660db55792
9c1cc3bc24ad3b897132b6891f3f119c44b9198aa893a971e56195bc21325b3a
a138711e3fd6ba8d769df39ce01fbb26e6b32677ea84d5990a54638824266205
a8c57c526a584374a29c56537582dc9a33df32c0cd7b059a0f9f992b1df42a9c
ae4af12d0237e31a3b97e0aab5e8dde0a8ba34933ef2162410f6ba17a9a07d69
b2a3ac010fb6da012d414ff4d2aef937835561686229ed979e418fcabae5d46c
bb60550070f9a5ce5d91b9cb0d34ee6777a3dcb25de950cb185d1c2b624b2590
bd96e065b03bcab321ce111a63b368f08b25217115ee67a1827219b7ba2ebab0
beef454e4af0aee49ec7c226a380b34d1a7540c58bc88bf2113d97054921d631
c0580f9e1520629b168baf4c5a9b9b10ad01a55ae7845aeeb1aef585c240a046
c16f44b4e48e7eac88bc75525868a8c0d3ebb2fa4ecf7fd6fe1875423ee491ee
c1cadf0801d25d53570a09920f6b433c18affd4c2c6a15e29dd051bbb3ef29f9
c299052a00248b1cd445299d869b8025dd3108f601a986d3f56399c33d0a5039
c8a8a58557568a399a594cfe2def4486d7fd6fabe9ca0d699e63b2628dd09dce
c9650903bb6b48ef93262a7aa56d230bb4511f01e9c31caa4560a6e0637c9923
ccc886ecf317012e82fbca6129a17462af04d4fb51d4e1b5e32977e639c2f685
d22ba65430ce6ee971c19978dff9a95f23a1b31fdd676e9b801ad5812a797703
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
d92d857d4df200abcc14acee55662de41d428cf2f1c453461ab45e86d31ef413
dba85183713cafca1e05da343b405f84f52c21f5fc58efc2c3b346feb12682fa
decae05b3edb835dba799defc265cc3bfb0dfc42a1d2f437f3503723accaafa4
e0e26e82b402f297de0f13cdfe66c5de1a5559add19442dd26790cb9f00a8cf7
e38250a24286a63e23ee03aff600d4a35eaf6ad60205aa358514c6f61a5f5969
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6b4571c30666f6e9a6dd5f2dbd53668ec5ea006a682eaddc77ceca966d9f
e44d0910d95cde11106b25817dec034b2f659dfc68aa67ba1539cc7c0fcd63b6
e63cccc70ce3484037496c921a5b6d3808304f74ed62985b7a40a8764104b53a
ea681f855f779432a5b2cbb5ff740b95a533c3731d0d66281c8b03567da00a45
ec92ce4898b64554e8af26eed6b09024f152008f2f64affe6c300dbfbb8f0e75
ecd6d6d0bc6a73e8e809f3b293bde32a4d1977308dbd35e8ce315038806d2100
eecb48d646eb8af6de55b1e800ae165bb3cf7c1360f269be79e4370e520e7e80
ef62b1cd6c0c08e5207dd9aac5ae16be906b30b07272d3442aa5b6d229a4e4bd
ef640470ded5f3fcab2c29ab75dad29e4761df60663f7a50829bb010cde0f08a
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f4c3223d8ff34087d49e086e3972d0f3c2184c15644d583b802ed6d020345045
f7a9dddbab17c79dd6fb4a621cd7b6e0bc7c1c913ae819c377afa60bff47414b
fd46dab6d4bbf6444c64c44318834c53d80fcd0547ed1f88a04576d41aa112ca
ff68954256171e19e9964db6b9b9be908cd1f18e1dbb8367de9af0ca02b6566b

www.aviva.ca Open in urlscan Pro 104.71.191.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

100 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

1761 kBTransfer

4310 kBSize

7 Cookies

29 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.aviva.ca Open in urlscan Pro
104.71.191.34 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1761 kB
Transfer

4310 kB
Size

7
Cookies

126 HTTP transactions
2 data transactions