login.service.client.iaprivatewealth.ca Open in urlscan Pro
76.223.112.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://client.iaprivatewealth.ca/
Effective URL:
https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml
Submission: On November 04 via automatic, source certstream-suspicious (November 4th 2024, 9:17:41 pm UTC) — Scanned from CA

Summary HTTP 58 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 58 HTTP transactions. The main IP is 76.223.112.12, located in United States and belongs to AMAZON-02, US. The main domain is login.service.client.iaprivatewealth.ca.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 10th 2024. Valid for: a year.

This is the only time login.service.client.iaprivatewealth.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 13	207.134.102.244 207.134.102.244	852 (TELUS Com...) (TELUS Communications)
2	76.223.112.12 76.223.112.12	16509 (AMAZON-02) (AMAZON-02)
2 9	52.139.17.111 52.139.17.111	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	3.167.56.56 3.167.56.56	16509 (AMAZON-02) (AMAZON-02)
1	18.160.10.3 18.160.10.3	16509 (AMAZON-02) (AMAZON-02)
2	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
7	152.195.19.97 152.195.19.97	15133 (EDGECAST) (EDGECAST)
8	18.160.46.28 18.160.46.28	16509 (AMAZON-02) (AMAZON-02)
1	104.18.26.50 104.18.26.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	3.162.125.94 3.162.125.94	16509 (AMAZON-02) (AMAZON-02)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	44.208.13.78 44.208.13.78	14618 (AMAZON-AES) (AMAZON-AES)
2	172.217.222.102 172.217.222.102	15169 (GOOGLE) (GOOGLE)
1	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
1	172.217.197.94 172.217.197.94	15169 (GOOGLE) (GOOGLE)
3	15.197.223.53 15.197.223.53	16509 (AMAZON-02) (AMAZON-02)
58	18

13 207.134.102.244 (Québec, Canada) 3 redirects

ASN852 (TELUS Communications, CA)

client.iaprivatewealth.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.112.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: aea892e467587cd82.awsglobalaccelerator.com

login.service.client.iaprivatewealth.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.139.17.111 (Toronto, Canada) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

clientportal.iaprivatewealth.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.167.56.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-56.iad61.r.cloudfront.net

ok14static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-3.iad12.r.cloudfront.net

login.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 152.195.19.97 (San Jose, United States)

ASN15133 (EDGECAST, US)

content.ia.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.160.46.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-28.iad55.r.cloudfront.net

cdn-app3.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.125.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-94.iad61.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.208.13.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-13-78.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.102 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f102.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.197.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.223.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: a07ac27ac9ff1ba69.awsglobalaccelerator.com

app3.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	iaprivatewealth.ca 5 redirects client.iaprivatewealth.ca login.service.client.iaprivatewealth.ca clientportal.iaprivatewealth.ca	1 MB
11	securiti.ai cdn-app3.securiti.ai — Cisco Umbrella Rank: 544694 app3.securiti.ai	145 KB
7	ia.ca content.ia.ca	108 KB
6	oktacdn.com ok14static.oktacdn.com — Cisco Umbrella Rank: 8492	616 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 147
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 852 heapanalytics.com — Cisco Umbrella Rank: 666	38 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	189 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 12143	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net Failed	570 B
1	mouseflow.com cdn.mouseflow.com — Cisco Umbrella Rank: 7549	67 KB
1	okta.com login.okta.com — Cisco Umbrella Rank: 3822
58	13

	Domain	Requested by
13	client.iaprivatewealth.ca	3 redirects clientportal.iaprivatewealth.ca
9	clientportal.iaprivatewealth.ca	2 redirects login.service.client.iaprivatewealth.ca clientportal.iaprivatewealth.ca
8	cdn-app3.securiti.ai	www.googletagmanager.com login.service.client.iaprivatewealth.ca cdn-app3.securiti.ai
7	content.ia.ca	clientportal.iaprivatewealth.ca
6	ok14static.oktacdn.com	login.service.client.iaprivatewealth.ca
3	app3.securiti.ai	cdn-app3.securiti.ai
2	analytics.google.com	www.googletagmanager.com
2	www.facebook.com	login.service.client.iaprivatewealth.ca
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.googletagmanager.com	login.service.client.iaprivatewealth.ca www.googletagmanager.com
2	login.service.client.iaprivatewealth.ca	ok14static.oktacdn.com
1	www.google.ca	login.service.client.iaprivatewealth.ca
1	stats.g.doubleclick.net	www.googletagmanager.com
1	heapanalytics.com	login.service.client.iaprivatewealth.ca
1	cdn.heapanalytics.com	login.service.client.iaprivatewealth.ca
1	cdn.mouseflow.com	www.googletagmanager.com
1	login.okta.com	ok14static.oktacdn.com
0	td.doubleclick.net Failed	www.googletagmanager.com
58	18

This site contains links to these domains. Also see Links.

Domain
ia.ca
clientportal.iaprivatewealth.ca
iaprivatewealth.ca
client.iaprivatewealth.ca
www.cipf.ca
www.ciro.ca

Subject Issuer	Validity	Valid
login.service.client.iaprivatewealth.ca Entrust Certification Authority - L1K	`2024-07-10` - `2025-08-09`	a year	crt.sh
clientportal.iaprivatewealth.ca Entrust Certification Authority - L1K	`2023-12-05` - `2025-01-05`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-15` - `2025-01-02`	a year	crt.sh
accounts.okta.com Amazon RSA 2048 M02	`2024-07-17` - `2025-08-15`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
files.ia.ca Entrust Certification Authority - L1K	`2024-06-14` - `2025-07-14`	a year	crt.sh
client.iaprivatewealth.ca Entrust Certification Authority - L1K	`2023-10-13` - `2024-11-13`	a year	crt.sh
app3.securiti.ai Amazon RSA 2048 M03	`2023-12-26` - `2025-01-24`	a year	crt.sh
cdn.mouseflow.com WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-14` - `2024-11-12`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M03	`2024-10-10` - `2025-11-08`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.ca WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml
Frame ID: 778B49FD1106FA59634D737031BF0C6E
Requests: 50 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 8D92E1B15E68BBB1270421EFA2DA7E57
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-MWJX3G6SR5&gacid=247069826.1730755056&gtm=45je4au0v885428004z8853831420za200zb853831420&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=597587789
Frame ID: 2A35D0F13AE98F5A2713230427926596
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Client portal

Page URL History Show full URLs

https://client.iaprivatewealth.ca/ HTTP 302
https://client.iaprivatewealth.ca/FWMWPNS1 HTTP 302
https://client.iaprivatewealth.ca/eemwpnp1/public/loginOkta?TYPE=33554433&REALMOID=06-1bc0d8c7-bf55-4fdb-baf8-... HTTP 302
https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg69... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Page Statistics

58
Requests

95 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

18
IPs

3
Countries

2530 kB
Transfer

8708 kB
Size

16
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://ia.ca/cookie-notice
Title: Cookie Notice

Search URL Search Domain Scan URL

URL: https://clientportal.iaprivatewealth.ca/oie/
Title: Forgot username?

Search URL Search Domain Scan URL

URL: https://iaprivatewealth.ca/
Title: iA Private Wealth

Search URL Search Domain Scan URL

URL: https://client.iaprivatewealth.ca/cw/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Disclaimers
Title: Disclaimers

Search URL Search Domain Scan URL

URL: https://client.iaprivatewealth.ca/cw/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/protection-of-personal-information
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://client.iaprivatewealth.ca/cw/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/terms-of-use
Title: Terms and Conditions of Use

Search URL Search Domain Scan URL

URL: https://www.cipf.ca/
Title: Canadian Investor Protection Fund

Search URL Search Domain Scan URL

URL: https://www.ciro.ca/

Search URL Search Domain Scan URL

URL: https://www.ciro.ca/office-investor/know-your-advisor-advisor-report
Title: The CIRO AdvisorReport

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://client.iaprivatewealth.ca/ HTTP 302
https://client.iaprivatewealth.ca/FWMWPNS1 HTTP 302
https://client.iaprivatewealth.ca/eemwpnp1/public/loginOkta?TYPE=33554433&REALMOID=06-1bc0d8c7-bf55-4fdb-baf8-112d313d3461&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-IaSC0efgH3CvYD7ywGV%2fduhsskopNlSs1rGjMexySdZnFSFl3sVl%2bXRI1MWZUeclKwBGZQyIHKVyKZFi9NOZg4tFxKfD6j%2fs&TARGET=-SM-https%3a%2f%2fclient%2eiaprivatewealth%2eca%2fFWMWPNS1 HTTP 302
https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js HTTP 302
https://clientportal.iaprivatewealth.ca/oie/static/js/main.eb07e7ce.js

Request Chain 2

https://clientportal.iaprivatewealth.ca/oie/permalink/css/main.css HTTP 302
https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request saml Show response
login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/
Redirect Chain

https://client.iaprivatewealth.ca/
https://client.iaprivatewealth.ca/FWMWPNS1
https://client.iaprivatewealth.ca/eemwpnp1/public/loginOkta?TYPE=33554433&REALMOID=06-1bc0d8c7-bf55-4fdb-baf8-112d313d3461&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-IaSC0efgH3CvYD7ywGV%2fduhs...
https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

21 KB
11 KB

415ms
200ms

Document
text/html

76.223.112.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.112.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aea892e467587cd82.awsglobalaccelerator.com

Software

nginx /

Resource Hash

90398c3a052763582a12b9b51732b6e4e364848d1dd9c183423dde5d66cf3aa4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 04 Nov 2024 21:17:29 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow
accept-ch: Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store
content-language: en
content-security-policy: frame-ancestors 'self'
content-security-policy-report-only: default-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com; connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com wealth-clients-ia.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com; style-src 'unsafe-inline' 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com; frame-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires: 0
p3p: CP="HONK"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-okta-request-id: Zyk56TmDOfCbjk_Cp-ep3gAACsc
x-rate-limit-limit: 60
x-rate-limit-remaining: 59
x-rate-limit-reset: 1730755109
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Content-Length: 1621
Content-Security-Policy: frame-ancestors *.iaprivatewealth.ca
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Nov 2024 21:17:28 GMT
Expires: 0
Location: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml
Pragma: no-cache
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-9237229"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-OneAgent-JS-Injection: true
X-XSS-Protection: 1; mode=block
X-ruxit-JS-Agent: true
traceresponse: 00-0847890f92d19c8c8b7c24b6083d88e7-f0216aee352d8735-01
x-dt-tracestate: b434f25e-9341408e@dt

GET
H/1.1 200
OK config.js Show response
clientportal.iaprivatewealth.ca/oie/ 3 KB
2 KB 189ms
66ms Script
application/javascript 52.139.17.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.iaprivatewealth.ca/oie/config.js

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aed10590320c3cb9d993cffc64efa4ad4f195142e9957971b6e791dd252fcd06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny, DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
etag: W/"66fe3771-c74"
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-Content-Type-Options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="163593067"
Date: Mon, 04 Nov 2024 21:17:29 GMT
Content-Type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 06:19:29 GMT
x-frame-options: deny, DENY

GET
H/1.1

200
OK

main.eb07e7ce.js Show response
clientportal.iaprivatewealth.ca/oie/static/js/
Redirect Chain

https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js
https://clientportal.iaprivatewealth.ca/oie/static/js/main.eb07e7ce.js

3 MB
972 KB

113ms
112ms

Script
application/javascript

52.139.17.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.iaprivatewealth.ca/oie/static/js/main.eb07e7ce.js

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

HTTP/1.1

Server

52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

776d6b2f7d4f88064eef7def16893ad4b5a46369b3d605ca97144a632650420c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"66fe3771-332eb6"
x-envoy-upstream-service-time: 6
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Tue, 04 Nov 2025 21:17:30 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="1779620472"
Date: Mon, 04 Nov 2024 21:17:30 GMT
Content-Type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Oct 2024 06:19:29 GMT
X-Frame-Options: DENY

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, no-store
location: /oie/static/js/main.eb07e7ce.js
x-envoy-upstream-service-time: 3
Connection: keep-alive
X-Content-Type-Options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="666782956"
Content-Length: 145
Date: Mon, 04 Nov 2024 21:17:29 GMT
Content-Type: text/html
X-Frame-Options: DENY

GET
H/1.1

200
OK

main.0ce7fc0f.css
clientportal.iaprivatewealth.ca/oie/static/css/
Redirect Chain

https://clientportal.iaprivatewealth.ca/oie/permalink/css/main.css
https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

580 KB
250 KB

109ms
109ms

Stylesheet
text/css

52.139.17.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

HTTP/1.1

Server

52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a7b99373116833de789b1ce2c1642c78b308a3909e42cb54c110af667e2cbf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"668c15e3-90f1d"
x-envoy-upstream-service-time: 6
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Tue, 04 Nov 2025 21:17:30 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-331804217"
Date: Mon, 04 Nov 2024 21:17:30 GMT
Content-Type: text/css
last-modified: Mon, 08 Jul 2024 16:37:55 GMT
X-Frame-Options: DENY

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, no-store
location: /oie/static/css/main.0ce7fc0f.css
x-envoy-upstream-service-time: 7
Connection: keep-alive
X-Content-Type-Options: nosniff
server-timing: dtSInfo;desc="0", dtRpid;desc="906038053"
Content-Length: 145
Date: Mon, 04 Nov 2024 21:17:29 GMT
Content-Type: text/html
X-Frame-Options: DENY

GET
H2 200 okta-sign-in.min.js Show response
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.24.1/js/ 2 MB
497 KB 186ms
93ms Script
application/javascript 3.167.56.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.24.1/js/okta-sign-in.min.js

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-56.iad61.r.cloudfront.net

Software

nginx /

Resource Hash

d1a8ed1c830f51ab66940f696811113fecdb30a07946783526bbe8eec9f4aee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: W/"46c29003ec3b8f1c310eee721dd21f8b"
age: 1116799
expires: Wed, 22 Oct 2025 23:04:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: XKVvyVV2i8j0UC7Rrb1PS9gdTSAPyD4Zx6H19KuKNoyfDkcI3KhA4g==
date: Tue, 22 Oct 2024 23:04:10 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 22:30:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 1b8d2d47935f0bd44bb9339058aa93be.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-meta-sha1sum: a18a23e86416bdf15b666f48cf682837bde68637
x-amz-cf-pop: IAD61-P5
server: nginx

GET
H2 200 okta-sign-in.min.css
ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.24.1/css/ 218 KB
37 KB 143ms
50ms Stylesheet
text/css 3.167.56.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.24.1/css/okta-sign-in.min.css

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-56.iad61.r.cloudfront.net

Software

nginx /

Resource Hash

e35e1d03fb9b7417fc605b85e7a9ef1baa9822bc6e6191e9e28f95e80ecbaf13

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: W/"cc9b6afb7dec5ab168ad8d9335378d66"
age: 1116799
expires: Wed, 22 Oct 2025 23:04:10 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: jqrK_RJ1FVJQt2z1jb5IakIOqURufpdBnLtBRBmRfbXNHks6j9R7aA==
date: Tue, 22 Oct 2024 23:04:10 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 22:29:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 1b8d2d47935f0bd44bb9339058aa93be.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-meta-sha1sum: 42552ed2802032ae710ebd409ad23207be6c3929
x-amz-cf-pop: IAD61-P5
server: nginx

GET
H2 200 custom-signin.a91af2abfd04662e499bd3e151150dbf.css
ok14static.oktacdn.com/assets/loginpage/css/ 6 KB
2 KB 137ms
44ms Stylesheet
text/css 3.167.56.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/loginpage/css/custom-signin.a91af2abfd04662e499bd3e151150dbf.css

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-56.iad61.r.cloudfront.net

Software

nginx /

Resource Hash

a1566688dd7e6e7cdce8dd2634ac42a7d939f0f9ee471a8d79b9a9e7f956e4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: W/"a91af2abfd04662e499bd3e151150dbf"
age: 1244825
expires: Tue, 21 Oct 2025 11:30:24 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: fERiYEdW3eVKNWKmI4w1L4Ihe8a-CePbFikWk8Rq4C6gAigVtda-Ig==
date: Mon, 21 Oct 2024 11:30:24 GMT
content-type: text/css
last-modified: Tue, 06 Aug 2024 23:36:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 1b8d2d47935f0bd44bb9339058aa93be.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-meta-sha1sum: 411f2a1669354e6e50ec0fe8def6481fd6ca8daf
x-amz-cf-pop: IAD61-P5
server: nginx

GET
H2 200 okta-logo.1e146cad5713da744492be95eb0f7793.png
ok14static.oktacdn.com/assets/img/logos/ 3 KB
4 KB 492ms
84ms Image
image/png 3.167.56.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok14static.oktacdn.com/assets/img/logos/okta-logo.1e146cad5713da744492be95eb0f7793.png

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-56.iad61.r.cloudfront.net

Software

nginx /

Resource Hash

4146f4c2384967dede1db1dae2da81c246d3d50228056bc0bb842e2ae868e13a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

etag: "1e146cad5713da744492be95eb0f7793"
age: 1780915
expires: Wed, 15 Oct 2025 06:35:35 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: pBo61n9ul4CuMwvXYgD3bvKZ_OJUENQHQvUv5ftXpHyRe5Za9ZH1cg==
date: Tue, 15 Oct 2024 06:35:35 GMT
content-type: image/png
last-modified: Tue, 24 May 2022 21:46:30 GMT
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 3efaf58673d549f89a29498e2fd12e42.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3422
x-amz-cf-pop: IAD61-P5
server: nginx

GET
H2 200 initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js Show response
ok14static.oktacdn.com/assets/js/mvc/loginpage/ 204 KB
76 KB 94ms
94ms Script
application/javascript 3.167.56.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok14static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Requested by

Host:
URL: OktaUtil.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.167.56.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-167-56-56.iad61.r.cloudfront.net

Software

nginx /

Resource Hash

6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: W/"58de3be0c9b511a0fdfd7ea4f69b56fc"
age: 634274
expires: Tue, 28 Oct 2025 13:06:18 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: PvDojGOrAuMG-32P5JndGFzbG6W_nRzDy5ywidxZ3etCoIjtf491mg==
date: Mon, 28 Oct 2024 13:06:18 GMT
content-type: application/javascript
last-modified: Thu, 09 Nov 2023 01:10:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=315360000; includeSubDomains
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
via: 1.1 1b8d2d47935f0bd44bb9339058aa93be.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-meta-sha1sum: 91eca02abf11239ec4af7a30b1da6e2610f1b9a6
x-amz-cf-pop: IAD61-P5
server: nginx

GET
H/1.1 200
OK iframe.html
login.okta.com/discovery/ Frame 8D92 0
0 700ms
610ms Document
text/html 18.160.10.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.okta.com/discovery/iframe.html

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.58de3be0c9b511a0fdfd7ea4f69b56fc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-3.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.service.client.iaprivatewealth.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Age: 31581
Connection: keep-alive
Content-Length: 451
Content-Type: text/html
Date: Mon, 04 Nov 2024 12:31:12 GMT
ETag: "b2b86038bc19f36d4e1a0024a848c529"
Last-Modified: Thu, 03 Oct 2024 15:45:41 GMT
Server: AmazonS3
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CTGHHYUaGZBNTU6LiycVwnSzf77RsYvcFnm5RbgcFbCln8QTcDEnpQ==
X-Amz-Cf-Pop: IAD12-P3
X-Cache: Hit from cloudfront

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
86 KB 168ms
64ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

68fa32868aec95dcedaa5f9bbce348f09419ae617fe739b3b9aa5610825a45b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 04 Nov 2024 21:17:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 21:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87330
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 montserrat-regular-webfont.woff2
content.ia.ca/Content/ia/fonts/ 15 KB
15 KB 166ms
42ms Font
application/x-font-woff 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ia.ca/Content/ia/fonts/montserrat-regular-webfont.woff2

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0728) /

Resource Hash

e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://clientportal.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: "0abb450c92bdb1:0+gzip"
age: 327722
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
x-cache: HIT
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/x-font-woff
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 19:15:58 GMT
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Session
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 15171
x-xss-protection: 1; mode=block
server: ECAcc (chd/0728)

GET
H2 200 opensans-regular-webfont.woff2
content.ia.ca/Content/ia/fonts/ 15 KB
16 KB 162ms
39ms Font
application/x-font-woff 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ia.ca/Content/ia/fonts/opensans-regular-webfont.woff2

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0785) /

Resource Hash

60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://clientportal.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: "0abb450c92bdb1:0+gzip"
age: 327722
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
x-cache: HIT
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/x-font-woff
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 19:15:58 GMT
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Session
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 15530
x-xss-protection: 1; mode=block
server: ECAcc (chd/0785)

GET
H/1.1 200
OK background.22db91dc528bf34f99e9.jpg
clientportal.iaprivatewealth.ca/oie/static/media/ 591 KB
0 421ms
420ms Image
image/jpeg 52.139.17.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clientportal.iaprivatewealth.ca/oie/static/media/background.22db91dc528bf34f99e9.jpg

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000,public
etag: "668c15e3-ca9c7"
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
accept-ranges: bytes
server-timing: dtSInfo;desc="0", dtRpid;desc="1799519628"
Content-Length: 829895
Date: Mon, 04 Nov 2024 21:17:34 GMT
Content-Type: image/jpeg
last-modified: Mon, 08 Jul 2024 16:37:55 GMT
X-Frame-Options: DENY

GET
H2 200 opensans-semibold-webfont.woff2
content.ia.ca/Content/ia/fonts/ 16 KB
16 KB 49ms
48ms Font
application/x-font-woff 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ia.ca/Content/ia/fonts/opensans-semibold-webfont.woff2

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/076C) /

Resource Hash

efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://clientportal.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: "0abb450c92bdb1:0+gzip"
age: 327720
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
x-cache: HIT
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/x-font-woff
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 19:15:58 GMT
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Session
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 16067
x-xss-protection: 1; mode=block
server: ECAcc (chd/076C)

GET
H2 200 montserrat-bold-webfont.woff2
content.ia.ca/Content/ia/fonts/ 15 KB
15 KB 45ms
44ms Font
application/x-font-woff 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ia.ca/Content/ia/fonts/montserrat-bold-webfont.woff2

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0752) /

Resource Hash

e6822c4bf502293c833706d8c854d45c22aa3630b479cec820ab717926acfc0c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://clientportal.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: "0abb450c92bdb1:0+gzip"
age: 327720
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
x-cache: HIT
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/x-font-woff
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 19:15:58 GMT
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Session
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 15435
x-xss-protection: 1; mode=block
server: ECAcc (chd/0752)

GET
H2 200 opensans-light-webfont.woff2
content.ia.ca/Content/ia/fonts/ 16 KB
16 KB 44ms
44ms Font
application/x-font-woff 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ia.ca/Content/ia/fonts/opensans-light-webfont.woff2

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0736) /

Resource Hash

1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://clientportal.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: "0abb450c92bdb1:0+gzip"
age: 327720
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
x-cache: HIT
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/x-font-woff
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 19:15:58 GMT
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Session
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 16083
x-xss-protection: 1; mode=block
server: ECAcc (chd/0736)

GET
H/1.1 200
OK 464.a4a14923.chunk.css
clientportal.iaprivatewealth.ca/oie/static/css/ 9 KB
5 KB 68ms
68ms Stylesheet
text/css 52.139.17.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.iaprivatewealth.ca/oie/static/css/464.a4a14923.chunk.css

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e1995104a188a558ac1c54013fe1b084631cc72cce7981a007e79d247d3b080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"668c15e3-2473"
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-949122095"
Date: Mon, 04 Nov 2024 21:17:34 GMT
Content-Type: text/css
last-modified: Mon, 08 Jul 2024 16:37:55 GMT
X-Frame-Options: DENY

GET
H/1.1 200
OK 464.391f179c.chunk.js Show response
clientportal.iaprivatewealth.ca/oie/static/js/ 430 B
863 B 67ms
66ms Script
application/javascript 52.139.17.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://clientportal.iaprivatewealth.ca/oie/static/js/464.391f179c.chunk.js

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d17d0721db0e4c61d67113763a0fcecba7684df401d149ae173af66f4d047ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"668c15e3-1ae"
x-envoy-upstream-service-time: 4
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
server-timing: dtSInfo;desc="0", dtRpid;desc="-907428932"
Date: Mon, 04 Nov 2024 21:17:34 GMT
Content-Type: application/javascript; charset=UTF-8
last-modified: Mon, 08 Jul 2024 16:37:55 GMT
X-Frame-Options: DENY

OPTIONS
H/1.1 200
OK Children
client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/global/footers/footer%20non-authenticated')/ Frame 0
0 163ms
79ms Preflight 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/global/footers/footer%20non-authenticated')/Children?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-ia-channel,x-ia-user-context
Access-Control-Request-Method: GET
Origin: https://login.service.client.iaprivatewealth.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-ia-channel,x-ia-user-context Content-Type, Accept, X-Requested-With, Session
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Date: Mon, 04 Nov 2024 21:17:34 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Children Show response
client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/global/footers/footer%20non-authenticated')/ 2 KB
2 KB 1200ms
1162ms XHR
application/json 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

21d3220834a0591ce732d0a748b7adc8b266aba965130269f86a6b9749ace75c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-ia-user-context: client
x-ia-channel: web
Referer: https://login.service.client.iaprivatewealth.ca/
Accept-Language: en
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
Expires: 0
Date: Mon, 04 Nov 2024 21:17:34 GMT
Content-Type: application/json; odata.metadata=minimal
OData-Version: 4.0
Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, Session
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Content-Length: 1588
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK Phone%20number')
client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/ Frame 0
0 199ms
114ms Preflight 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/Phone%20number')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-ia-channel,x-ia-user-context
Access-Control-Request-Method: GET
Origin: https://login.service.client.iaprivatewealth.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-ia-channel,x-ia-user-context Content-Type, Accept, X-Requested-With, Session
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Date: Mon, 04 Nov 2024 21:17:34 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Phone%20number') Show response
client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/ 338 B
1 KB 82ms
65ms XHR
application/json 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

37679dd164fbd3a91826c61b753af654afe0aebde3891f3682a4df802545f426

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-ia-user-context: client
x-ia-channel: web
Referer: https://login.service.client.iaprivatewealth.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

X-Content-Type-Options: nosniff
Expires: 0
Date: Mon, 04 Nov 2024 21:17:34 GMT
Content-Type: application/json; odata.metadata=minimal
OData-Version: 4.0
Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, Session
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Content-Length: 338
X-XSS-Protection: 1; mode=block

OPTIONS
H/1.1 200
OK Business%20Hours')
client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/ Frame 0
0 142ms
58ms Preflight 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/Business%20Hours')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-ia-channel,x-ia-user-context
Access-Control-Request-Method: GET
Origin: https://login.service.client.iaprivatewealth.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-ia-channel,x-ia-user-context Content-Type, Accept, X-Requested-With, Session
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Date: Mon, 04 Nov 2024 21:17:34 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Business%20Hours') Show response
client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/ 7 KB
8 KB 1099ms
1079ms XHR
application/json 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/Business%20Hours')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

78eb7307073bd56597d62405e60503ecaead04753110bf2d4efce9b2d60568fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-ia-user-context: client
x-ia-channel: web
Referer: https://login.service.client.iaprivatewealth.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

X-Content-Type-Options: nosniff
Expires: 0
Date: Mon, 04 Nov 2024 21:17:33 GMT
Content-Type: application/json; odata.metadata=minimal
OData-Version: 4.0
Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, Session
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Content-Length: 7327
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logoEn.dd37c79fbaf1f2da57af.png
clientportal.iaprivatewealth.ca/oie/static/media/ 21 KB
21 KB 177ms
119ms Image
image/png 52.139.17.111
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clientportal.iaprivatewealth.ca/oie/static/media/logoEn.dd37c79fbaf1f2da57af.png

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.139.17.111 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0a485da6f1fbd7db6e7ddaa7631520ea8f026aeec10734a9295746baa481cc57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000,public
etag: "668c15e3-52c1"
x-envoy-upstream-service-time: 5
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
accept-ranges: bytes
server-timing: dtSInfo;desc="0", dtRpid;desc="357208449"
Content-Length: 21185
Date: Mon, 04 Nov 2024 21:17:34 GMT
Content-Type: image/png
last-modified: Mon, 08 Jul 2024 16:37:55 GMT
X-Frame-Options: DENY

OPTIONS
H/1.1 200
OK instabilityMessages
client.iaprivatewealth.ca/cw/api/ Frame 0
0 201ms
140ms Preflight 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://client.iaprivatewealth.ca/cw/api/instabilityMessages?sc_lang=en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-ia-channel,x-ia-user-context
Access-Control-Request-Method: GET
Origin: https://login.service.client.iaprivatewealth.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true true
Access-Control-Allow-Headers: x-ia-channel,x-ia-user-context Content-Type, Accept, X-Requested-With, Session
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
Date: Mon, 04 Nov 2024 21:17:33 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK instabilityMessages Show response
client.iaprivatewealth.ca/cw/api/ 2 B
1012 B 156ms
156ms XHR
application/json 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://client.iaprivatewealth.ca/cw/api/instabilityMessages?sc_lang=en

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-ia-user-context: client
x-ia-channel: web
Referer: https://login.service.client.iaprivatewealth.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true, true
X-Content-Type-Options: nosniff
Expires: 0
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Content-Length: 2
X-XSS-Protection: 1; mode=block
Date: Mon, 04 Nov 2024 21:17:34 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, Session

OPTIONS
H/1.1 200
OK authentication-informative-message-full')
client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/login/ Frame 0
0 1136ms
1063ms Preflight 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/login/authentication-informative-message-full')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-ia-channel,x-ia-user-context
Access-Control-Request-Method: GET
Origin: https://login.service.client.iaprivatewealth.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-ia-channel,x-ia-user-context Content-Type, Accept, X-Requested-With, Session
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Date: Mon, 04 Nov 2024 21:17:33 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found authentication-informative-message-full') Show response
client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/login/ 0
839 B 61ms
61ms XHR
text/plain 207.134.102.244
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

207.134.102.244 Québec, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-ia-user-context: client
x-ia-channel: web
Referer: https://login.service.client.iaprivatewealth.ca/
Accept-Language: en
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, Session
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
Cache-Control: private, no-cache, no-store, max-age=0, no-transform
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: 0
Access-Control-Allow-Origin: https://login.service.client.iaprivatewealth.ca
Content-Length: 0
X-XSS-Protection: 1; mode=block
Date: Mon, 04 Nov 2024 21:17:35 GMT
X-Frame-Options: SAMEORIGIN

GET
H2 200 montserrat-black-webfont.woff2
content.ia.ca/Content/ia/fonts/ 15 KB
15 KB 42ms
42ms Font
application/x-font-woff 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ia.ca/Content/ia/fonts/montserrat-black-webfont.woff2

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0791) /

Resource Hash

ddf7d7673aa7220544eba0eb2ad988c542f8aacc70a0640d2079eaad317d9765

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://clientportal.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: "0abb450c92bdb1:0+gzip"
age: 327720
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:17:34 GMT
x-cache: HIT
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/x-font-woff
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 19:15:58 GMT
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Session
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 15199
x-xss-protection: 1; mode=block
server: ECAcc (chd/0791)

GET
H2 200 okta-logo.1e146cad5713da744492be95eb0f7793.png
ok14static.oktacdn.com/assets/img/logos/ 3 KB
0 1ms
0ms Image
image/png 3.167.56.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ok14static.oktacdn.com/assets/img/logos/okta-logo.1e146cad5713da744492be95eb0f7793.png
Requested by: Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.56.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-56-56.iad61.r.cloudfront.net
Software: nginx /
Resource Hash: 4146f4c2384967dede1db1dae2da81c246d3d50228056bc0bb842e2ae868e13a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
etag: "1e146cad5713da744492be95eb0f7793"
age: 1780915
via: 1.1 3efaf58673d549f89a29498e2fd12e42.cloudfront.net (CloudFront)
expires: Wed, 15 Oct 2025 06:35:35 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 3422
x-amz-cf-id: pBo61n9ul4CuMwvXYgD3bvKZ_OJUENQHQvUv5ftXpHyRe5Za9ZH1cg==
date: Tue, 15 Oct 2024 06:35:35 GMT
content-type: image/png
last-modified: Tue, 24 May 2022 21:46:30 GMT
server: nginx
x-amz-cf-pop: IAD61-P5

POST
H/1.1 200
OK introspect Show response
login.service.client.iaprivatewealth.ca/idp/idx/ 11 KB
14 KB 520ms
322ms Fetch
application/ion+json 76.223.112.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.service.client.iaprivatewealth.ca/idp/idx/introspect

Requested by

Host: ok14static.oktacdn.com
URL: https://ok14static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.24.1/js/okta-sign-in.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.112.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aea892e467587cd82.awsglobalaccelerator.com

Software

nginx /

Resource Hash

d22f27e9474831563f5e231c4a3489b2982d86f981c2ff4a0e39b665529f4047

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com; connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com; style-src 'unsafe-inline' 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com; frame-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca login.okta.com .vidyard.com com-okta-authenticator:; img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

X-Okta-User-Agent-Extended: okta-auth-js/7.8.0 okta-signin-widget-7.24.1
Referer: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml
Accept-Language: en
Accept: application/ion+json; okta-version=1.0.0
Content-Type: application/ion+json; okta-version=1.0.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

X-Robots-Tag: noindex,nofollow
x-rate-limit-limit: 2000
x-content-type-options: nosniff
expires: 0
p3p: CP="HONK"
Keep-Alive: timeout=5, max=100
Date: Mon, 04 Nov 2024 21:17:35 GMT
Content-Type: application/ion+json;okta-version=1.0.0
x-rate-limit-remaining: 1984
vary: Origin
x-okta-request-id: Zyk57-_uprC4JrffWZv9qAAADjA
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=315360000; includeSubDomains
content-security-policy: default-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com; connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com wealth-clients-ia.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com; style-src 'unsafe-inline' 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com; frame-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
cache-control: no-cache, no-store
x-rate-limit-reset: 1730755077
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version
Connection: Keep-Alive
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: https://login.service.client.iaprivatewealth.ca
x-xss-protection: 0
Server: nginx

GET
H2 200 cookie-consent.css
cdn-app3.securiti.ai/consent/ 62 KB
11 KB 150ms
49ms Stylesheet
text/css 18.160.46.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app3.securiti.ai/consent/cookie-consent.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-28.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

95bc0efbecdb0ae1ebd747d832409924829f20e4311015636e9e16b305abf5be

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
x-amz-version-id: tOjs2meIyAVK2ssXIsUf8mohJfnlgXuy
etag: W/"7cbeffb5d131cf4e53e787e9575bf026"
age: 2690
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: WGFtIvNPUzQiccqnr52WZvj-uEJOSayGRS-TmR2OWxfMs_1khPE7Lw==
date: Mon, 04 Nov 2024 20:32:47 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 07:46:29 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
referrer-policy: no-referrer
via: 1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD55-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 84762d7b-8ed2-4267-9b45-7feb7bf582ec.js Show response
cdn-app3.securiti.ai/consent/auto_blocking/339a0270-1806-4184-a704-309a74f7a060/ 15 KB
6 KB 152ms
52ms Script
application/javascript 18.160.46.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app3.securiti.ai/consent/auto_blocking/339a0270-1806-4184-a704-309a74f7a060/84762d7b-8ed2-4267-9b45-7feb7bf582ec.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-28.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

915980f70557677b79f6ba9131ffbb53c17dd729277adfb5eb697209c642d3c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
x-amz-version-id: 4jgauYSbuDN931gjl.7yC7ODHqESxq1c
etag: W/"1d7150e577558b7e7d92260fff947188"
age: 22894
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 2j3EfKDil7S-Yq-OFvTCTMoK8i-qJfUOQViPpDq3bk3Blh9wcHysJg==
date: Mon, 04 Nov 2024 14:56:01 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Feb 2024 19:35:14 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
cache-control: public,max-age=86400
referrer-policy: no-referrer
via: 1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD55-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
103 KB 69ms
66ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

74ab2a73275cffb6e4d6ca4ed5f01b67ca0a824f85a6e2e94047af476d57462f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 04 Nov 2024 21:17:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105126
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 1da09377-0e86-4786-8b35-4d01b5b8b8d5.js Show response
cdn.mouseflow.com/projects/ 249 KB
67 KB 74ms
40ms Script
application/javascript 104.18.26.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mouseflow.com/projects/1da09377-0e86-4786-8b35-4d01b5b8b8d5.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.50 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94b8ade27bafa36ccba7a9f493189de759c2c648db8ac0aff30520307f601c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

access-control-expose-headers: *
content-encoding: gzip
cf-cache-status: HIT
etag: W/"cdb63a35ef26db1:0"
age: 281575
x-mf-country: CA
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 21:17:34 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Fri, 25 Oct 2024 15:04:36 GMT
x-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-mf-continent: NA
cache-control: public, max-age=86400
cf-ray: 8dd7a1b4fdea39ed-YYZ
access-control-allow-origin: *
x-mf-script-region: non-enforced-privacy
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 93ms
46ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-RJEctBzj' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 21:17:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-RJEctBzj' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4427, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: kJTjVNHY/8Sm4+6C16UK6sH1gAvEp3m4scI/04SVJOAw7S1D+xW/Hiy/VakgdJjIxTzoooztapslJQcKagWOZQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 heap-3248116687.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 159ms
57ms Script
application/javascript 3.162.125.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3248116687.js

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-94.iad61.r.cloudfront.net

Software

nginx / Express

Resource Hash

0fddd5d2c2e7e8ec2c7d8790ff8327a5159c0b33d7dd978c126ec31093e5eafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: br
etag: W/"1d4bc-BiAovZS2NWj5EeIIydL4+paxb54"
age: 27
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: f1EFHN9DCaEseIrqBbYq_Qwk1LxP1iVCFVc7x69mAOfjzdOzOgiHuQ==
date: Mon, 04 Nov 2024 21:17:07 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
cross-origin-resource-policy: cross-origin
via: 1.1 86ad6dce5c6bd2eccfd339ef94411190.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P3
x-powered-by: Express
server: nginx

GET
H2 200 sdk-stub.js Show response
cdn-app3.securiti.ai/consent/ 4 KB
2 KB 136ms
49ms Script
text/javascript 18.160.46.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app3.securiti.ai/consent/sdk-stub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-28.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a39832a8b2fd6a012d002b43a084a1c2c24a4244373d40307518e82558d93856

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
x-amz-version-id: IpnWheNu3aBjdEpyY__7mvECdmD.HiRK
etag: W/"1cad974bde97157ded68f0461b62bdba"
age: 298
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 29kfKFD6bMlXWAM8NhUa2DT5X-9H1lI3_2ayMNDxpJPbUT0fb2hO4Q==
date: Mon, 04 Nov 2024 21:12:38 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 07:46:39 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
referrer-policy: no-referrer
via: 1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD55-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 723532879782711 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 48ms
47ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/723532879782711?v=2.9.176&r=stable&domain=login.service.client.iaprivatewealth.ca&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

1bee9a6a35a7f0cb539ffa33c111fd84c6f784ab53e78dcbe1a2c046acdf72ff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-yvrwxsBo' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 21:17:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-yvrwxsBo' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=76, mss=1232, tbw=70219, tp=65, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: oREkkHWJ2GYUm1vzmX3sC29rHvpnNp5gENYNcBwOkzTwp+38ItxHM22AhtaBVEQ8+xgGZGlefxqR0jgusGuP6g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 13295
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 cookie-consent-sdk-loader.js Show response
cdn-app3.securiti.ai/consent/ 16 KB
6 KB 49ms
49ms Script
text/javascript 18.160.46.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-loader.js

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-28.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8a11c3f06ce579e86f973b50b86e27e51ccb9aecd78a6d11ad03cc57d604981f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
x-amz-version-id: I8KliceRvX0iaA37DtXger6RtuAvxCNo
etag: W/"c4050e4bae816e39d047750851d10e2a"
age: 3184
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 7a6A5bnJyn0NzcgLUSDnwH2kV-1-wzViFWywl3sg8BZRe0zZQnwskw==
date: Mon, 04 Nov 2024 20:24:55 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 07:46:21 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
referrer-policy: no-referrer
via: 1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD55-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 config_active.json Show response
cdn-app3.securiti.ai/consent/cookie_banner/339a0270-1806-4184-a704-309a74f7a060/84762d7b-8ed2-4267-9b45-7feb7bf582ec/ 292 B
1 KB 429ms
47ms XHR
application/json 18.160.46.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app3.securiti.ai/consent/cookie_banner/339a0270-1806-4184-a704-309a74f7a060/84762d7b-8ed2-4267-9b45-7feb7bf582ec/config_active.json

Requested by

Host: cdn-app3.securiti.ai
URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-28.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d586acfe50c5bd34ca7dfe4db13a7649fa20d627585d0d843dde2bed70f47a2c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

access-control-max-age: 0
x-amz-version-id: 0N7Kp7KeXo1umpXWFca_T7wdjOrKbdiT
etag: "a4a5e3b1ef5e12662c55ca32cd2b1a9a"
age: 33735
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: WJp4tkh6Ipy-XiWHuVYAr0chf5Kmf3i3f7LMbf5_2c5IhUxpegUZrQ==
date: Mon, 04 Nov 2024 11:55:21 GMT
content-type: application/json
last-modified: Tue, 20 Feb 2024 19:35:13 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
cache-control: public,max-age=86400
referrer-policy: no-referrer
via: 1.1 c378d79f6d61c9af35c366d426990acc.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 292
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD55-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 198ms
102ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=723532879782711&ev=PageView&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&rl=&if=false&ts=1730755055093&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1730755055091.109964429122505545&ler=empty&cdl=API_unavailable&it=1730755054984&coo=false&tm=1&rqm=GET

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=10, mss=1316, tbw=2959, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 04 Nov 2024 21:17:35 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 199ms
104ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=723532879782711&ev=PageView&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&rl=&if=false&ts=1730755055093&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1730755055091.109964429122505545&ler=empty&cdl=API_unavailable&it=1730755054984&coo=false&tm=1&rqm=FGET

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433536359939356422"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 21:17:35 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ZVcc+gSoLWwQARWa87o4z7s2NaJTKZOyAfQIegt/T7WSq9sjYQRYW6tbVza4Q/UT9362o7Qt9+FPKy37h65Vrg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433536359939356422", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=14, mss=1316, tbw=3277, tp=-1, tpl=-1, uplat=54, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 h
heapanalytics.com/ 37 B
378 B 143ms
46ms Image
image/gif 44.208.13.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3248116687&u=3482736933416947&v=7479267694316316&s=5569056761295090&b=web&tv=4.0&z=0&h=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&d=login.service.client.iaprivatewealth.ca&t=Client%20portal&ts=1730755055136&sch=1200&scw=1600&st=1730755055140&lv=4.23.4&ld=cdn.heapanalytics.com

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.208.13.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-13-78.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Mon, 04 Nov 2024 21:17:35 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 opensans-bold-webfont.woff2
content.ia.ca/Content/ia/fonts/ 16 KB
16 KB 81ms
81ms Font
application/x-font-woff 152.195.19.97
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://content.ia.ca/Content/ia/fonts/opensans-bold-webfont.woff2

Requested by

Host: clientportal.iaprivatewealth.ca
URL: https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (chd/0743) /

Resource Hash

f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ia.ca .ia.ca .inalco.com .ia.iafg.net .iteslive.tv iplayerbridge://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://login.service.client.iaprivatewealth.ca
Referer: https://clientportal.iaprivatewealth.ca/

Response headers

content-encoding: gzip
etag: "0abb450c92bdb1:0+gzip"
age: 327721
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:17:35 GMT
x-cache: HIT
date: Mon, 04 Nov 2024 21:17:35 GMT
content-type: application/x-font-woff
vary: Accept-Encoding
last-modified: Thu, 31 Oct 2024 19:15:58 GMT
access-control-allow-headers: Content-Type, Accept, X-Requested-With, Session
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' ia.ca *.ia.ca *.inalco.com *.ia.iafg.net *.iteslive.tv iplayerbridge://*
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 16238
x-xss-protection: 1; mode=block
server: ECAcc (chd/0743)

GET
H2 200 cookie-consent-latest.css
cdn-app3.securiti.ai/consent/ 62 KB
10 KB 100ms
100ms Stylesheet
text/css 18.160.46.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app3.securiti.ai/consent/cookie-consent-latest.css

Requested by

Host: cdn-app3.securiti.ai
URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-28.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

95bc0efbecdb0ae1ebd747d832409924829f20e4311015636e9e16b305abf5be

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
x-amz-version-id: bzAQgwHsMLXGW.Pb86iTV3Digyz9b0mC
etag: W/"7cbeffb5d131cf4e53e787e9575bf026"
age: 335
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: LUtAl25Lk7jQAhbun_tbnlHaALjFEdxh1HZK8WCUupZmhs9AHaApzw==
date: Mon, 04 Nov 2024 21:12:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 07:46:30 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
referrer-policy: no-referrer
via: 1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD55-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cookie-consent-sdk-latest.js Show response
cdn-app3.securiti.ai/consent/ 413 KB
96 KB 101ms
101ms Script
text/javascript 18.160.46.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-latest.js

Requested by

Host: cdn-app3.securiti.ai
URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-28.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b7f536a6b796e4197bd4d88d3843c2817d6716080290930efd46747c6fafb419

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

content-encoding: gzip
x-amz-version-id: hEudmsoL6391bUljav..7niftucbPXaH
etag: W/"2ba720fd18f1526e518084e57542cb1c"
age: 2141
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 7DxQDShPh8BcLl6Y-IH20QNAIrkNffqQfDsETHTvnEtp4MlmcegSFQ==
date: Mon, 04 Nov 2024 20:42:15 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2024 07:46:24 GMT
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
referrer-policy: no-referrer
via: 1.1 341de8df4217bc427eae27ed066ab4ce.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD55-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 collect
analytics.google.com/g/ 0
0 234ms
120ms Fetch
text/plain 172.217.222.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MWJX3G6SR5&gtm=45je4au0v885428004z8853831420za200zb853831420&_p=1730755054395&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=1000g&tag_exp=101823848~101878899~101878944~101925629&cid=247069826.1730755056&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dp=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dr=&sid=1730755055&sct=1&seg=0&dt=Client%20portal&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_query=&ep.page_html_lang=en&tfd=6793
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.222.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qi-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://login.service.client.iaprivatewealth.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 21:17:35 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
570 B 155ms
55ms Ping
text/plain 142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MWJX3G6SR5&cid=247069826.1730755056&gtm=45je4au0v885428004z8853831420za200zb853831420&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bl-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://login.service.client.iaprivatewealth.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 21:17:35 GMT
content-type: text/plain
server: Golfe2

GET rul
td.doubleclick.net/td/ga/ Frame 2A35 0
0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 901ms
488ms Image
image/gif 172.217.197.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MWJX3G6SR5&cid=247069826.1730755056&gtm=45je4au0v885428004z8853831420za200zb853831420&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=197281185

Requested by

Host: login.service.client.iaprivatewealth.ca
URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.197.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 04 Nov 2024 21:17:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 en.json Show response
cdn-app3.securiti.ai/consent/cookie_banner/339a0270-1806-4184-a704-309a74f7a060/84762d7b-8ed2-4267-9b45-7feb7bf582ec/ 56 KB
11 KB 314ms
313ms XHR
application/json 18.160.46.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-app3.securiti.ai/consent/cookie_banner/339a0270-1806-4184-a704-309a74f7a060/84762d7b-8ed2-4267-9b45-7feb7bf582ec/en.json

Requested by

Host: cdn-app3.securiti.ai
URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.46.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-46-28.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bcc32ec28ae418f5489ff7fe01ebbf8184b23befa9df75c92aabf051a85509ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

access-control-max-age: 0
content-encoding: gzip
x-amz-version-id: lLVDKd1ZHj5Er5fyFlF6bK8h1jGemw.b
etag: W/"86c20f49569c8265c59539af496d2910"
age: 15293
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ijEHPDGbQboP9r0mZQwADtwPgH5lytWD_Bxm_3kyCEGz6RHEpY6zGA==
date: Mon, 04 Nov 2024 17:02:44 GMT
content-type: application/json
last-modified: Tue, 20 Feb 2024 19:35:14 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
cache-control: public,max-age=86400
referrer-policy: no-referrer
via: 1.1 c378d79f6d61c9af35c366d426990acc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: IAD55-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 location Show response
app3.securiti.ai/core/v1/utils/geo/ 888 B
1 KB 122ms
42ms XHR
application/json 15.197.223.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app3.securiti.ai/core/v1/utils/geo/location

Requested by

Host: cdn-app3.securiti.ai
URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.223.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a07ac27ac9ff1ba69.awsglobalaccelerator.com

Software

Resource Hash

4ecdf21da141482a52e13907ae349d209ebc1a77b8a70c68f8e2d405628d3652

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

strict-transport-security: max-age=315360000
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
access-control-allow-credentials: true
x-content-type-options: nosniff
x-ratelimit-remaining: 199999
x-ratelimit-reset: 1730755955
access-control-allow-origin: https://login.service.client.iaprivatewealth.ca
content-length: 888
date: Mon, 04 Nov 2024 21:17:35 GMT
x-ratelimit-limit: 200000
content-type: application/json; charset=utf-8
x-xss-protection: 1; mode=block
x-frame-options: DENY

OPTIONS
H2 200 singleupload
app3.securiti.ai/privaci/v1/consent/cookie/ Frame 0
0 36ms
36ms Preflight 15.197.223.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app3.securiti.ai/privaci/v1/consent/cookie/singleupload

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.223.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a07ac27ac9ff1ba69.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-auth-token
Access-Control-Request-Method: POST
Origin: https://login.service.client.iaprivatewealth.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID,x-api-secret,x-tident,x-api-key,X-USER-TOKEN,Authorization,X-Email-Id
access-control-allow-origin: https://login.service.client.iaprivatewealth.ca
access-control-request-method: POST
content-length: 0
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date: Mon, 04 Nov 2024 21:17:36 GMT
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 singleupload Show response
app3.securiti.ai/privaci/v1/consent/cookie/ 67 B
482 B 90ms
89ms XHR
application/json 15.197.223.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app3.securiti.ai/privaci/v1/consent/cookie/singleupload

Requested by

Host: cdn-app3.securiti.ai
URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.223.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a07ac27ac9ff1ba69.awsglobalaccelerator.com

Software

Resource Hash

f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Auth-Token: f2ae1663-319c-4a70-937b-8c1644f44ae7
Referer: https://login.service.client.iaprivatewealth.ca/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json

Response headers

strict-transport-security: max-age=315360000
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
access-control-allow-credentials: true
x-content-type-options: nosniff
x-ratelimit-remaining: 199999
x-ratelimit-reset: 1730755956
access-control-allow-origin: https://login.service.client.iaprivatewealth.ca
content-length: 67
date: Mon, 04 Nov 2024 21:17:36 GMT
x-ratelimit-limit: 200000
content-type: application/json; charset=utf-8
x-xss-protection: 1; mode=block
x-frame-options: DENY

POST
H2 204 collect
analytics.google.com/g/ 0
0 57ms
56ms Fetch
text/plain 172.217.222.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-MWJX3G6SR5&gtm=45je4au0v885428004za200zb853831420&_p=1730755054395&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=1000g&tag_exp=101823848~101878899~101878944~101925629&cid=247069826.1730755056&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dp=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dr=&sid=1730755055&sct=1&seg=0&dt=Client%20portal&en=scroll&ep.page_query=&ep.page_html_lang=en&epn.percent_scrolled=90&_et=6&tfd=11802
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.222.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qi-in-f102.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://login.service.client.iaprivatewealth.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://login.service.client.iaprivatewealth.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 21:17:40 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: td.doubleclick.net
URL: https://td.doubleclick.net/td/ga/rul?tid=G-MWJX3G6SR5&gacid=247069826.1730755056&gtm=45je4au0v885428004z8853831420za200zb853831420&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=597587789

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
client.iaprivatewealth.ca/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1q4znhmbn5ybu5auggv3uwct
client.iaprivatewealth.ca/	1969-12-31 23:59:59	Name: ee-target Value: https%3a%2f%2fclient.iaprivatewealth.ca%2fFWMWPNS1
client.iaprivatewealth.ca/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_10_sn_AF5305459BA407E30B6CA223E1AA76CF_perc_100000_ol_0_mul_1_app-3Afc6f0ffb366d0359_1_rcs-3Acss_0
login.service.client.iaprivatewealth.ca/	1970-01-21 10:21:55	Name: DT Value: DI1yfNKxcggQ5K8LaLFZWSoUQ
.iaprivatewealth.ca/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_1_sn_B0237C857F12C0B0628D690FD317D9D3_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0
login.service.client.iaprivatewealth.ca/	1969-12-31 23:59:59	Name: ee_language Value: en
.iaprivatewealth.ca/	1969-12-31 23:59:59	Name: urlLogin Value: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml
.iaprivatewealth.ca/	1970-01-21 02:55:31	Name: _fbp Value: fb.1.1730755055091.109964429122505545
.iaprivatewealth.ca/	1970-01-21 10:13:52	Name: _hp2_id.3248116687 Value: %7B%22userId%22%3A%223482736933416947%22%2C%22pageviewId%22%3A%227479267694316316%22%2C%22sessionId%22%3A%225569056761295090%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
login.service.client.iaprivatewealth.ca/	1969-12-31 23:59:59	Name: JSESSIONID Value: 32436671C02200F8FFE1AF01C6F8D12E
.iaprivatewealth.ca/	1970-01-21 10:21:55	Name: _ga Value: GA1.1.247069826.1730755056
.iaprivatewealth.ca/	1970-01-21 10:21:55	Name: _ga_MWJX3G6SR5 Value: GS1.1.1730755055.1.0.1730755055.60.0.0
.iaprivatewealth.ca/	1970-01-21 00:45:56	Name: _hp2_ses_props.3248116687 Value: %7B%22ts%22%3A1730755055136%2C%22d%22%3A%22login.service.client.iaprivatewealth.ca%22%2C%22h%22%3A%22%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml%22%7D
.client.iaprivatewealth.ca/	1970-01-21 09:31:31	Name: __privaci_cookie_consent_uuid Value: 79707e6c-da90-4167-be2d-b999c879defb:6
.client.iaprivatewealth.ca/	1970-01-21 09:31:31	Name: __privaci_cookie_consent_generated Value: 79707e6c-da90-4167-be2d-b999c879defb:6
.client.iaprivatewealth.ca/	1970-01-21 00:46:33	Name: __privaci_cookie_no_action Value: {"status":"no-action-consent"}

79 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 8) Message: [Report Only] Refused to load the image 'https://clientportal.iaprivatewealth.ca/oie/Media/favicon.ico' because it violates the following Content Security Policy directive: "img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the script 'https://clientportal.iaprivatewealth.ca/oie/config.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the script 'https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 24) Message: [Report Only] Refused to load the stylesheet 'https://clientportal.iaprivatewealth.ca/oie/permalink/css/main.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the stylesheet 'https://clientportal.iaprivatewealth.ca/oie/static/css/main.0ce7fc0f.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the script 'https://clientportal.iaprivatewealth.ca/oie/static/js/main.eb07e7ce.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-black-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-black-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-black-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-light-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-light-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-light-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-thin-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-thin-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-thin-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-bold-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-bold-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-bold-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/content/commun/fonts/montserrat-extrabold-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/content/commun/fonts/montserrat-extrabold-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-regular-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-regular-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/montserrat-regular-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-regular-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-regular-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-regular-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-italic-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-italic-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-italic-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-bold-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-bold-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-bold-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-light-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-light-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-light-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-semibold-webfont.woff2' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-semibold-webfont.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://content.ia.ca/Content/ia/fonts/opensans-semibold-webfont.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://clientportal.iaprivatewealth.ca/oie/static/media/okticon.18ead8fda945421a9af7.woff' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml(Line 261) Message: [Report Only] Refused to load the font 'https://clientportal.iaprivatewealth.ca/oie/static/media/okticon.af5fd3a28c69172a32bf.ttf' because it violates the following Content Security Policy directive: "font-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca data: *.oktacdn.com fonts.gstatic.com".
security	error	(Line 5) Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js(Line 174) Message: [Report Only] Refused to load the image 'https://clientportal.iaprivatewealth.ca/oie/static/media/background.22db91dc528bf34f99e9.jpg' because it violates the following Content Security Policy directive: "img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js(Line 109) Message: [Report Only] Refused to load the stylesheet 'https://clientportal.iaprivatewealth.ca/oie/static/css/464.a4a14923.chunk.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js(Line 109) Message: [Report Only] Refused to load the script 'https://clientportal.iaprivatewealth.ca/oie/static/js/464.391f179c.chunk.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js(Line 109) Message: [Report Only] Refused to connect to 'https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/global/footers/footer%20non-authenticated')/Children?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js(Line 109) Message: [Report Only] Refused to connect to 'https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/Phone%20number')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js(Line 109) Message: [Report Only] Refused to connect to 'https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/Need%20Help/Business%20Hours')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the image 'https://clientportal.iaprivatewealth.ca/oie/static/media/logoEn.dd37c79fbaf1f2da57af.png' because it violates the following Content Security Policy directive: "img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js(Line 109) Message: [Report Only] Refused to connect to 'https://client.iaprivatewealth.ca/cw/api/instabilityMessages?sc_lang=en' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://clientportal.iaprivatewealth.ca/oie/permalink/js/main.js(Line 109) Message: [Report Only] Refused to connect to 'https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/login/authentication-informative-message-full')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value)' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 538) Message: [Report Only] Refused to load the stylesheet 'https://cdn-app3.securiti.ai/consent/cookie-consent.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 133) Message: [Report Only] Refused to load the script 'https://cdn-app3.securiti.ai/consent/auto_blocking/339a0270-1806-4184-a704-309a74f7a060/84762d7b-8ed2-4267-9b45-7feb7bf582ec.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 134) Message: [Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 134) Message: [Report Only] Refused to load the script 'https://cdn.mouseflow.com/projects/1da09377-0e86-4786-8b35-4d01b5b8b8d5.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 134) Message: [Report Only] Refused to load the script 'https://connect.facebook.net/en_US/fbevents.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	(Line 1) Message: [Report Only] Refused to load the script 'https://cdn.heapanalytics.com/js/heap-3248116687.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRNNB6R&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 133) Message: [Report Only] Refused to load the script 'https://cdn-app3.securiti.ai/consent/sdk-stub.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://connect.facebook.net/en_US/fbevents.js(Line 127) Message: [Report Only] Refused to load the script 'https://connect.facebook.net/signals/config/723532879782711?v=2.9.176&r=stable&domain=login.service.client.iaprivatewealth.ca&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	Message: [Report Only] Refused to load the script 'https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-loader.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-loader.js Message: [Report Only] Refused to connect to 'https://cdn-app3.securiti.ai/consent/cookie_banner/339a0270-1806-4184-a704-309a74f7a060/84762d7b-8ed2-4267-9b45-7feb7bf582ec/config_active.json' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the image 'https://www.facebook.com/tr/?id=723532879782711&ev=PageView&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&rl=&if=false&ts=1730755055093&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1730755055091.109964429122505545&ler=empty&cdl=API_unavailable&it=1730755054984&coo=false&tm=1&rqm=GET' because it violates the following Content Security Policy directive: "img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the image 'https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=723532879782711&ev=PageView&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&rl=&if=false&ts=1730755055093&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1730755055091.109964429122505545&ler=empty&cdl=API_unavailable&it=1730755054984&coo=false&tm=1&rqm=FGET' because it violates the following Content Security Policy directive: "img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the image 'https://heapanalytics.com/h?a=3248116687&u=3482736933416947&v=7479267694316316&s=5569056761295090&b=web&tv=4.0&z=0&h=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&d=login.service.client.iaprivatewealth.ca&t=Client%20portal&ts=1730755055136&sch=1200&scw=1600&st=1730755055140&lv=4.23.4&ld=cdn.heapanalytics.com' because it violates the following Content Security Policy directive: "img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-loader.js Message: [Report Only] Refused to load the stylesheet 'https://cdn-app3.securiti.ai/consent/cookie-consent-latest.css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline' 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-loader.js Message: [Report Only] Refused to load the script 'https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-latest.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c(Line 202) Message: [Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-MWJX3G6SR5&gtm=45je4au0v885428004z8853831420za200zb853831420&_p=1730755054395&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=1000g&tag_exp=101823848~101878899~101878944~101925629&cid=247069826.1730755056&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dp=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dr=&sid=1730755055&sct=1&seg=0&dt=Client%20portal&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_query=&ep.page_html_lang=en&tfd=6793' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c(Line 202) Message: [Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-MWJX3G6SR5&gtm=45je4au0v885428004z8853831420za200zb853831420&_p=1730755054395&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=1000g&tag_exp=101823848~101878899~101878944~101925629&cid=247069826.1730755056&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dp=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dr=&sid=1730755055&sct=1&seg=0&dt=Client%20portal&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_query=&ep.page_html_lang=en&tfd=6793' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c(Line 201) Message: [Report Only] Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MWJX3G6SR5&cid=247069826.1730755056&gtm=45je4au0v885428004z8853831420za200zb853831420&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c(Line 201) Message: [Report Only] Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MWJX3G6SR5&cid=247069826.1730755056&gtm=45je4au0v885428004z8853831420za200zb853831420&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://login.service.client.iaprivatewealth.ca/app/wealth-clients-ia_extranetwealthclientensiteminder_5/exk4euvxngUwx0BYg697/sso/saml Message: [Report Only] Refused to load the image 'https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MWJX3G6SR5&cid=247069826.1730755056&gtm=45je4au0v885428004z8853831420za200zb853831420&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=197281185' because it violates the following Content Security Policy directive: "img-src 'self' wealth-clients-ia.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .tiles.mapbox.com .mapbox.com .vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:".
security	error	URL: https://www.googletagmanager.com/ Message: [Report Only] Refused to frame 'https://td.doubleclick.net/' because it violates the following Content Security Policy directive: "frame-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca login.okta.com *.vidyard.com com-okta-authenticator:".
security	error	URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-latest.js Message: [Report Only] Refused to connect to 'https://cdn-app3.securiti.ai/consent/cookie_banner/339a0270-1806-4184-a704-309a74f7a060/84762d7b-8ed2-4267-9b45-7feb7bf582ec/en.json' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-latest.js Message: [Report Only] Refused to connect to 'https://app3.securiti.ai/core/v1/utils/geo/location' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
network	error	URL: https://client.iaprivatewealth.ca/sitecore/api/ssc/aggregate/content/Items('/sitecore/content/Extranet/iA%20Securities%20My%20Client%20Space/home/login/authentication-informative-message-full')?language=en&sc_apikey={782D5EC3-5E0C-4C01-BBFC-B3F8F34CC00D}&$select=TemplateName,Created&$expand=Fields($select=Name,Value) Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://cdn-app3.securiti.ai/consent/cookie-consent-sdk-latest.js Message: [Report Only] Refused to connect to 'https://app3.securiti.ai/privaci/v1/consent/cookie/singleupload' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c(Line 202) Message: [Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-MWJX3G6SR5&gtm=45je4au0v885428004za200zb853831420&_p=1730755054395&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=1000g&tag_exp=101823848~101878899~101878944~101925629&cid=247069826.1730755056&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dp=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dr=&sid=1730755055&sct=1&seg=0&dt=Client%20portal&en=scroll&ep.page_query=&ep.page_html_lang=en&epn.percent_scrolled=90&_et=6&tfd=11802' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c(Line 202) Message: [Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-MWJX3G6SR5&gtm=45je4au0v885428004za200zb853831420&_p=1730755054395&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=1000g&tag_exp=101823848~101878899~101878944~101925629&cid=247069826.1730755056&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dp=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dr=&sid=1730755055&sct=1&seg=0&dt=Client%20portal&en=scroll&ep.page_query=&ep.page_html_lang=en&epn.percent_scrolled=90&_et=6&tfd=11802' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c(Line 202) Message: [Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-MWJX3G6SR5&gtm=45je4au0v885428004za200zb853831420&_p=1730755054395&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=1000g&tag_exp=101823848~101878899~101878944~101925629&cid=247069826.1730755056&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=3&dp=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dr=&sid=1730755055&sct=1&seg=0&dt=Client%20portal&en=user_engagement&ep.page_query=&ep.page_html_lang=en&_et=5886&tfd=12691' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-MWJX3G6SR5&l=dataLayer&cx=c(Line 202) Message: [Report Only] Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-MWJX3G6SR5&gtm=45je4au0v885428004za200zb853831420&_p=1730755054395&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=1000g&tag_exp=101823848~101878899~101878944~101925629&cid=247069826.1730755056&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=3&dp=%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dl=https%3A%2F%2Flogin.service.client.iaprivatewealth.ca%2Fapp%2Fwealth-clients-ia_extranetwealthclientensiteminder_5%2Fexk4euvxngUwx0BYg697%2Fsso%2Fsaml&dr=&sid=1730755055&sct=1&seg=0&dt=Client%20portal&en=user_engagement&ep.page_query=&ep.page_html_lang=en&_et=5886&tfd=12691' because it violates the following Content Security Policy directive: "connect-src 'self' wealth-clients-ia.okta.com wealth-clients-ia-admin.okta.com login.service.client.iaprivatewealth.ca .oktacdn.com .mixpanel.com .mapbox.com .mtls.okta.com wealth-clients-ia.kerberos.okta.com .authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 .authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 .authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 .authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 .authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 .authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
app3.securiti.ai
cdn-app3.securiti.ai
cdn.heapanalytics.com
cdn.mouseflow.com
client.iaprivatewealth.ca
clientportal.iaprivatewealth.ca
connect.facebook.net
content.ia.ca
heapanalytics.com
login.okta.com
login.service.client.iaprivatewealth.ca
ok14static.oktacdn.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google.ca
www.googletagmanager.com
td.doubleclick.net
104.18.26.50
142.251.16.156
15.197.223.53
152.195.19.97
172.217.197.94
172.217.222.102
172.217.222.97
18.160.10.3
18.160.46.28
207.134.102.244
3.162.125.94
3.167.56.56
31.13.66.19
31.13.66.35
44.208.13.78
52.139.17.111
76.223.112.12
0a485da6f1fbd7db6e7ddaa7631520ea8f026aeec10734a9295746baa481cc57
0fddd5d2c2e7e8ec2c7d8790ff8327a5159c0b33d7dd978c126ec31093e5eafb
1bee9a6a35a7f0cb539ffa33c111fd84c6f784ab53e78dcbe1a2c046acdf72ff
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
21d3220834a0591ce732d0a748b7adc8b266aba965130269f86a6b9749ace75c
37679dd164fbd3a91826c61b753af654afe0aebde3891f3682a4df802545f426
4146f4c2384967dede1db1dae2da81c246d3d50228056bc0bb842e2ae868e13a
4ecdf21da141482a52e13907ae349d209ebc1a77b8a70c68f8e2d405628d3652
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
68fa32868aec95dcedaa5f9bbce348f09419ae617fe739b3b9aa5610825a45b2
6a6c595fcf3a6c74bf3509f160ba34b78a8a3eb92ecaf290412c46679576d3ed
74ab2a73275cffb6e4d6ca4ed5f01b67ca0a824f85a6e2e94047af476d57462f
776d6b2f7d4f88064eef7def16893ad4b5a46369b3d605ca97144a632650420c
78eb7307073bd56597d62405e60503ecaead04753110bf2d4efce9b2d60568fd
8a11c3f06ce579e86f973b50b86e27e51ccb9aecd78a6d11ad03cc57d604981f
8a7b99373116833de789b1ce2c1642c78b308a3909e42cb54c110af667e2cbf4
8e1995104a188a558ac1c54013fe1b084631cc72cce7981a007e79d247d3b080
90398c3a052763582a12b9b51732b6e4e364848d1dd9c183423dde5d66cf3aa4
915980f70557677b79f6ba9131ffbb53c17dd729277adfb5eb697209c642d3c7
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
94b8ade27bafa36ccba7a9f493189de759c2c648db8ac0aff30520307f601c76
95bc0efbecdb0ae1ebd747d832409924829f20e4311015636e9e16b305abf5be
a1566688dd7e6e7cdce8dd2634ac42a7d939f0f9ee471a8d79b9a9e7f956e4d0
a39832a8b2fd6a012d002b43a084a1c2c24a4244373d40307518e82558d93856
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aed10590320c3cb9d993cffc64efa4ad4f195142e9957971b6e791dd252fcd06
b7f536a6b796e4197bd4d88d3843c2817d6716080290930efd46747c6fafb419
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc32ec28ae418f5489ff7fe01ebbf8184b23befa9df75c92aabf051a85509ee
d17d0721db0e4c61d67113763a0fcecba7684df401d149ae173af66f4d047ad5
d1a8ed1c830f51ab66940f696811113fecdb30a07946783526bbe8eec9f4aee0
d22f27e9474831563f5e231c4a3489b2982d86f981c2ff4a0e39b665529f4047
d586acfe50c5bd34ca7dfe4db13a7649fa20d627585d0d843dde2bed70f47a2c
ddf7d7673aa7220544eba0eb2ad988c542f8aacc70a0640d2079eaad317d9765
e35e1d03fb9b7417fc605b85e7a9ef1baa9822bc6e6191e9e28f95e80ecbaf13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6822c4bf502293c833706d8c854d45c22aa3630b479cec820ab717926acfc0c
e7907501c0d4588fa7529b23d8c6d5b9cdc3e35c656c1d96d704a406704bac01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
f164941997fbc7f7ed7d2a7c3e86b997d647f1910d93fdc2462dd86fd5affa48
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7

login.service.client.iaprivatewealth.ca Open in urlscan Pro 76.223.112.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

95 %HTTPS

0 %IPv6

13 Domains

18 Subdomains

18 IPs

3 Countries

2530 kBTransfer

8708 kBSize

16 Cookies

9 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.service.client.iaprivatewealth.ca Open in urlscan Pro
76.223.112.12 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

95 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

18
IPs

3
Countries

2530 kB
Transfer

8708 kB
Size

16
Cookies

58 HTTP transactions
0 data transactions