Submitted URL: http://manulife-staging.findbob.io/
Effective URL: https://manulife-staging.findbob.io/
Submission: On February 14 via manual from US — Scanned from DE

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 50 HTTP transactions. The main IP is 54.91.6.89, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is manulife-staging.findbob.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 9th 2022. Valid for: a year.
This is the only time manulife-staging.findbob.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
16 findbob.io | manulife-staging.findbob.io | 3 MB
12 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 92; tpc.googlesyndication.com — Cisco Umbrella Rank: 120 | 213 KB
3 intercomcdn.com | js.intercomcdn.com — Cisco Umbrella Rank: 1943 | 125 KB
3 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 37; stats.g.doubleclick.net — Cisco Umbrella Rank: 67 | 5 KB
3 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 55 KB
2 google.com | adservice.google.com — Cisco Umbrella Rank: 59; www.google.com — Cisco Umbrella Rank: 2 | 2 KB
2 amazonaws.com | findbob-production.s3-us-west-2.amazonaws.com | 2 MB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 197 | 19 KB
1 gstatic.com | csi.gstatic.com | 327 B
1 intercom.io | widget.intercom.io — Cisco Umbrella Rank: 1922 | 248 B
1 google.de | adservice.google.de — Cisco Umbrella Rank: 9027 | 792 B
1 googleadservices.com | partner.googleadservices.com — Cisco Umbrella Rank: 741 | 644 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 50 | 42 KB
1 officesnapshots.com | officesnapshots.com — Cisco Umbrella Rank: 316636 | 1 MB
1 troiancapital.com | troiancapital.com | 11 KB
1 twentyoverten.com | static.twentyoverten.com — Cisco Umbrella Rank: 282852 | 12 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 35 | 868 B
50 17
Domain | Requested by
16 manulife-staging.findbob.io (1 redirects) | manulife-staging.findbob.io
9 pagead2.googlesyndication.com | www.googletagmanager.com, pagead2.googlesyndication.com, manulife-staging.findbob.io, tpc.googlesyndication.com
3 tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 js.intercomcdn.com | widget.intercom.io
3 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 findbob-production.s3-us-west-2.amazonaws.com | manulife-staging.findbob.io
2 cdnjs.cloudflare.com | manulife-staging.findbob.io
1 csi.gstatic.com | pagead2.googlesyndication.com
1 www.google.com | tpc.googlesyndication.com
1 widget.intercom.io (1 redirects) |
1 adservice.google.com | pagead2.googlesyndication.com
1 adservice.google.de | pagead2.googlesyndication.com
1 partner.googleadservices.com | pagead2.googlesyndication.com
1 stats.g.doubleclick.net | www.google-analytics.com
1 www.googletagmanager.com | manulife-staging.findbob.io
1 officesnapshots.com | manulife-staging.findbob.io
1 troiancapital.com | manulife-staging.findbob.io
1 static.twentyoverten.com | manulife-staging.findbob.io
1 fonts.googleapis.com | manulife-staging.findbob.io
50 20

This site contains links to these domains.

Domain
twitter.com
linkedin.com
www.findbob.io

Subject | Issuer | Validity | Valid
www.findbob.io | Sectigo RSA Domain Validation Secure Server CA | 2022-02-09 - 2023-01-19 | a year
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
*.twentyoverten.com | Amazon | 2021-09-16 - 2022-10-14 | a year
*.s3-us-west-2.amazonaws.com | Amazon | 2021-12-17 - 2022-11-29 | a year
troiancapital.com | cPanel, Inc. Certification Authority | 2021-12-24 - 2022-03-24 | 3 months
officesnapshots.com | R3 | 2021-12-22 - 2022-03-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.google.de | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.intercomcdn.com | Amazon | 2022-01-30 - 2023-02-28 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
www.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months

This page contains 6 frames:

Primary Page: https://manulife-staging.findbob.io/
Frame ID: 1A0C1995F9C8FFF2DF63070A50FF68CF
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Frame ID: BD33E4CB3663F3B943AD82C70E3B19DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5064795599916765&output=html&adk=1812271804&adf=3025194257&lmt=1644845350&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmanulife-staging.findbob.io%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644845350108&bpp=2&bdt=1904&idt=208&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=94737352347&rume=1&frm=20&pv=2&ga_vid=1686587956.1644845350&ga_sid=1644845350&ga_hid=1396762438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31062423%2C31064806%2C31063222%2C31061691%2C44756432%2C31061693&oid=2&pvsid=1964826767231179&pem=284&tmod=21175457&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=225
Frame ID: F067F812AB7C6E153A05EB826B609494
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.ceecd100.js
Frame ID: 4E5B9BF3A67606B8D7F7DA23F85E2BF1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C4A46C4714F7D63F45F8E3929F79F09
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D56CE4F0DB48690A8323E63000CB2E5
Requests: 2 HTTP requests in this frame

Page Title

Manulife Securities - Transition

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Page Statistics

Requests: 50
HTTPS: 98 %
IPv6: 63 %
Domains: 17
Subdomains: 20
IPs: 18
Countries: 4
Transfer: 6165 kB
Size: 14662 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://manulife-staging.findbob.io/ HTTP 301
    https://manulife-staging.findbob.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://widget.intercom.io/widget/ HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
manulife-staging.findbob.io/
Redirect Chain
  • http://manulife-staging.findbob.io/
  • https://manulife-staging.findbob.io/
10 KB
11 KB
Document
General
Full URL
https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
12f552248c1fdb76539d9611eb2f41fe9df77cba8d88317033db166b856a82fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Cowboy
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
Content-Type
text/html; charset=utf-8
Etag
W/"12f552248c1fdb76539d9611eb2f41fe"
Cache-Control
max-age=0, private, must-revalidate
X-Request-Id
c51fcbb5-d472-4eed-aeb8-7fcecef36e60
X-Runtime
0.423407
Date
Mon, 14 Feb 2022 13:29:08 GMT
X-Rack-Cache
pass
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 vegur

Redirect headers

Server
Cowboy
Date
Mon, 14 Feb 2022 13:29:07 GMT
Connection
keep-alive
Content-Type
text/html
Location
https://manulife-staging.findbob.io/
Transfer-Encoding
chunked
Via
1.1 vegur
icon
fonts.googleapis.com/
569 B
868 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 13:29:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Feb 2022 13:29:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Feb 2022 13:29:08 GMT
0-5b05c4f6.chunk.css
manulife-staging.findbob.io/packs/css/
69 KB
15 KB
Stylesheet
General
Full URL
https://manulife-staging.findbob.io/packs/css/0-5b05c4f6.chunk.css
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
d69ef9e38244dd9db96fbc072c215773eaae661765dd1ca3f6d1edcbe6261842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
14862
demo-340c9e03.chunk.css
manulife-staging.findbob.io/packs/css/
200 KB
30 KB
Stylesheet
General
Full URL
https://manulife-staging.findbob.io/packs/css/demo-340c9e03.chunk.css
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
9ea8f002c7cb48068ec1e88bf2cacb8e2cf8062667d27453394fbbb62e5ea7cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
30410
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.9/css/
15 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.9/css/select2.min.css
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1640
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-3a76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNETEDnEmEs%2Fw%2FvP7W0HCXW26ji1Vv60d%2BihICo3%2FU1l%2BEEzQl7EKHQSwdGkyeM3JW57QVkAK0iNhOYeS9P7WWEhBxEWifzBtnJcHXSsIPMwjVNXuRqWB6Wfbw%2BKHoxaTRzXLK5LMqS5TN5IeTuwOB0%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dd6a4c28e059223-FRA
expires
Sat, 04 Feb 2023 13:29:08 GMT
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/4.0.9/js/
68 KB
16 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.9/js/select2.min.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fce1e5c583c735582696477bec14d42051e60c74680e5d4b3b757c8c6f1ef40
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1741605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16303
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-111d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7hxbyJVS5e3XF7LeMBfSE7lqGEIXCvvAnZG4Q9K2dWSenX4Owcdg7YS6hPOmcK0DXPdcH512J%2FjWW89X%2BHbgryP4Wdd26snAADJwsC6oyBMUpJ82CCbPBu1tXlV5W2M6x7PaaKIKL93%2FHaYH7LMy7gr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dd6a4c28e0c9223-FRA
expires
Sat, 04 Feb 2023 13:29:08 GMT
runtime~demo-4056c8816be5071c46ce.js
manulife-staging.findbob.io/packs/js/
2 KB
1 KB
Script
General
Full URL
https://manulife-staging.findbob.io/packs/js/runtime~demo-4056c8816be5071c46ce.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
12c42985f60f81ddd262128383214341222f7d06b2cbc3ea77124e34c5d9ec47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
785
0-fb3d5459a02b0ca865b8.chunk.js
manulife-staging.findbob.io/packs/js/
161 B
442 B
Script
General
Full URL
https://manulife-staging.findbob.io/packs/js/0-fb3d5459a02b0ca865b8.chunk.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
505965c5ce217dd5101a8a8108f2ab8c53b83d5e550342179369935584aa72aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:08 GMT
Via
1.1 vegur
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
keep-alive
Content-Length
161
1-4c51a9a36aa3190d61b4.chunk.js
manulife-staging.findbob.io/packs/js/
104 KB
33 KB
Script
General
Full URL
https://manulife-staging.findbob.io/packs/js/1-4c51a9a36aa3190d61b4.chunk.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e2717d6811a3a0b4c80d5c40ef344eb31534f0e9b595c4ccb7952852cae13053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
33958
demo-e204cf821669ea452e9a.chunk.js
manulife-staging.findbob.io/packs/js/
2 MB
553 KB
Script
General
Full URL
https://manulife-staging.findbob.io/packs/js/demo-e204cf821669ea452e9a.chunk.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
ec46614c9e5d9185ce158bacd1d89111db96506e001cc1447cd302f486027c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
565810
runtime~findbob-bundle-47bf1d1d88792c5960ed.js
manulife-staging.findbob.io/packs/js/
2 KB
2 KB
Script
General
Full URL
https://manulife-staging.findbob.io/packs/js/runtime~findbob-bundle-47bf1d1d88792c5960ed.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
88a7e6ad1801c3d4dababaf76e258d899be7310e93caf3b5fd01668a12cd55ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
1221
2-5ebd7a5d0abeeff80bd4.chunk.js
manulife-staging.findbob.io/packs/js/
142 KB
45 KB
Script
General
Full URL
https://manulife-staging.findbob.io/packs/js/2-5ebd7a5d0abeeff80bd4.chunk.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a23985e8a03895f54fa1ec36d9b49afe899f11ebf0cac080dc7b95ecb767f920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
46092
38-56ce1e9a291f1ab3de1c.chunk.js
manulife-staging.findbob.io/packs/js/
5 MB
1 MB
Script
General
Full URL
https://manulife-staging.findbob.io/packs/js/38-56ce1e9a291f1ab3de1c.chunk.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
3c79c071d9a354356d1a86a79554a97c03fccdc65444b0c7872d7523ffcbb167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
1202058
findbob-bundle-aa337f3b0a52f1317fe6.chunk.js
manulife-staging.findbob.io/packs/js/
3 MB
553 KB
Script
General
Full URL
https://manulife-staging.findbob.io/packs/js/findbob-bundle-aa337f3b0a52f1317fe6.chunk.js
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
f0484f83bbbe4e5dd34dd2b80442e52df8eb5915137a3a93b6f1fed217626697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
565523
manulife-securities-english-linear-EPS-CMYK.png
static.twentyoverten.com/5cc2fb82fe927562f2ac4c59/qvO4J4NTKfL/
12 KB
12 KB
Image
General
Full URL
https://static.twentyoverten.com/5cc2fb82fe927562f2ac4c59/qvO4J4NTKfL/manulife-securities-english-linear-EPS-CMYK.png
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:9000:14:68a3:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75a288fc69dc769051f6414f6bdb5f185c05c02075d89a21b24f9c74a87b5d56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:09 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
last-modified
Mon, 29 Apr 2019 12:25:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"422af9a722010bd4b6ff65dfe2abace8"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12007
x-amz-cf-id
UyWZSqM_AKxgP2xqvUXDwVDTLT0KmxBn7eDUMAPm8HfOadcVmou7Ow==
1-front.png
findbob-production.s3-us-west-2.amazonaws.com/images/demo/mock/
441 KB
441 KB
Image
General
Full URL
https://findbob-production.s3-us-west-2.amazonaws.com/images/demo/mock/1-front.png
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.160.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
00222af43ab2610118ee10a21d33072a4e27564078eee8646b0630bca7157176

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:09 GMT
Last-Modified
Wed, 21 Aug 2019 15:16:34 GMT
Server
AmazonS3
x-amz-request-id
85NHPRYVCZGH98EA
ETag
"75d8465ef6ef510e29a8f8356b791176"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
451166
x-amz-id-2
33bpbVotbxVQvPXKLNzMDnZnDTm4CVrt0LhlD6JN80BvE4s+tvJ76L9tPrNTObq04yts+4DmyzE=
1-back.png
findbob-production.s3-us-west-2.amazonaws.com/images/demo/mock/
1 MB
1 MB
Image
General
Full URL
https://findbob-production.s3-us-west-2.amazonaws.com/images/demo/mock/1-back.png
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.160.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
21816c9dee547a1e56f2d75405bcaea002045f8ece215c4d92487b806decb9db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:09 GMT
Last-Modified
Wed, 21 Aug 2019 15:16:36 GMT
Server
AmazonS3
x-amz-request-id
85NP5GWSXQH9KFXX
ETag
"49437beb33978f0094abc3884102d439"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1572464
x-amz-id-2
JyTpYN9XDhyHq2ByzMsiE2ld9VutXlcsGXchp5QJccCQEJvXpxE9e+o7l3txWgZ3A28MtQbGkCA=
manulife-securities-english-linear-white.png
troiancapital.com/images/layout/
11 KB
11 KB
Image
General
Full URL
https://troiancapital.com/images/layout/manulife-securities-english-linear-white.png
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.71.54.174 Laval, Canada, ASN10929 (ESTRUXTURE, CA),
Reverse DNS
server.mediasuite.ca
Software
Apache /
Resource Hash
fc7adae53225320f908cd974bfdc32aeba06200b21598a94f8348e2847ec73df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:09 GMT
Last-Modified
Tue, 01 Oct 2019 13:45:27 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10854
manulife-offices-waterloo-3-1536x938.jpg
officesnapshots.com/wp-content/uploads/2021/05/
1 MB
1 MB
Image
General
Full URL
https://officesnapshots.com/wp-content/uploads/2021/05/manulife-offices-waterloo-3-1536x938.jpg
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e596facede6a26bb5e80f5073a6d023dab57b3b3667aec6c8adc806d469abf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:09 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Apr 2021 20:06:05 GMT
server
cloudflare
etag
"607f342d-119ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6dd6a4caee486910-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1153733
fa-brands-400-31015e86.woff2
manulife-staging.findbob.io/packs/media/webfonts/
75 KB
75 KB
Font
General
Full URL
https://manulife-staging.findbob.io/packs/media/webfonts/fa-brands-400-31015e86.woff2
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/packs/css/0-5b05c4f6.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://manulife-staging.findbob.io/packs/css/0-5b05c4f6.chunk.css
Origin
https://manulife-staging.findbob.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:09 GMT
Via
1.1 vegur
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/font-woff2
Connection
keep-alive
Content-Length
76612
fa-solid-900-9451d5fe.woff2
manulife-staging.findbob.io/packs/media/webfonts/
78 KB
78 KB
Font
General
Full URL
https://manulife-staging.findbob.io/packs/media/webfonts/fa-solid-900-9451d5fe.woff2
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/packs/css/0-5b05c4f6.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://manulife-staging.findbob.io/packs/css/0-5b05c4f6.chunk.css
Origin
https://manulife-staging.findbob.io
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 13:29:09 GMT
Via
1.1 vegur
Last-Modified
Thu, 10 Feb 2022 23:34:15 GMT
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/font-woff2
Connection
keep-alive
Content-Length
79444
gtm.js
www.googletagmanager.com/
109 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NC6X9BT
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36b6658343786ca345e8cbbe4e7804edbb133013690e48402643fbd5b6b028f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42499
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Feb 2022 13:29:09 GMT
visits
manulife-staging.findbob.io/ahoy/
211 B
1 KB
XHR
General
Full URL
https://manulife-staging.findbob.io/ahoy/visits
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/packs/js/1-4c51a9a36aa3190d61b4.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
c3473005773121d3a756628b0b32cba203e16376250a05a5446bf7d347938645
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://manulife-staging.findbob.io/
X-CSRF-Token
e86I4zc2t5+dqnL/CHWOSVG2gqad47PbUZ6hzCWvQXfCOSv5jRX39RRGK+YQYWGEKqAGMVXzOdCOTpKGrTCP8Q==
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Mon, 14 Feb 2022 13:29:09 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
e2eac974-5715-458a-b9fd-4c2f0627ee3e
X-Runtime
0.153637
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"c3473005773121d3a756628b0b32cba2"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
X-Rack-Cache
pass
visits
manulife-staging.findbob.io/ahoy/
211 B
1 KB
XHR
General
Full URL
https://manulife-staging.findbob.io/ahoy/visits
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/packs/js/1-4c51a9a36aa3190d61b4.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.6.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-6-89.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
c3473005773121d3a756628b0b32cba203e16376250a05a5446bf7d347938645
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://manulife-staging.findbob.io/
X-CSRF-Token
e86I4zc2t5+dqnL/CHWOSVG2gqad47PbUZ6hzCWvQXfCOSv5jRX39RRGK+YQYWGEKqAGMVXzOdCOTpKGrTCP8Q==
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Mon, 14 Feb 2022 13:29:10 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
e1e6e4be-a1e5-4700-9573-3dec5ab0bb0d
X-Runtime
0.406858
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"c3473005773121d3a756628b0b32cba2"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
X-Rack-Cache
pass
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC6X9BT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5057
date
Mon, 14 Feb 2022 12:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 14 Feb 2022 14:04:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
153 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC6X9BT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72f669668030eb3f4face676b6a47e3c369db5f4c1aadde7d65243466e9c6753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53888
x-xss-protection
0
server
cafe
etag
11609659955684385535
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 13:29:09 GMT
js
www.google-analytics.com/gtm/
89 KB
35 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WJTGGPP&t=gtm4&cid=1686587956.1644845350
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6820ce82cc8f00c206c8c18c163bafd6c7efd03969b454a6b5a7152f5959b764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35851
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Feb 2022 13:29:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/ Frame BD33
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4612
x-xss-protection
0
date
Sun, 13 Feb 2022 23:38:04 GMT
expires
Sun, 27 Feb 2022 23:38:04 GMT
cache-control
public, max-age=1209600
age
49866
etag
18247940800414524076
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/
290 KB
104 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5064795599916765&plah=manulife-staging.findbob.io&bust=31064806
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a233318e5d99cea088aad43dcdad12b3d4763f9c108df13d73588e60db0cc14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106757
x-xss-protection
0
server
cafe
etag
4276271751027202278
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 14 Feb 2022 13:29:10 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1396762438&t=pageview&_s=1&dl=https%3A%2F%2Fmanulife-staging.findbob.io%2F&ul=en-us&de=UTF-8&dt=Manulife%20Securities%20-%20Transition&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1724737933&gjid=866023048&cid=1686587956.1644845350&tid=UA-57621902-1&_gid=345737518.1644845350&_r=1&gtm=2wg290NC6X9BT&z=1684222951
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://manulife-staging.findbob.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:29:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://manulife-staging.findbob.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
447 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-57621902-1&cid=1686587956.1644845350&jid=1724737933&gjid=866023048&_gid=345737518.1644845350&_u=aGDAAEACQAAAAC~&z=321860749
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://manulife-staging.findbob.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 14 Feb 2022 13:29:10 GMT
content-type
text/plain
access-control-allow-origin
https://manulife-staging.findbob.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/
55 KB
21 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/rum_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5064795599916765&plah=manulife-staging.findbob.io&bust=31064806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
936e2a79b73ecbd8d53e825de3c18ba942ba0896065872a266115ebe7904bc69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 05:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21571
x-xss-protection
0
server
cafe
etag
18228264410970089360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 05:37:17 GMT
cookie.js
partner.googleadservices.com/gampad/
214 B
644 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=manulife-staging.findbob.io&callback=_gfp_s_&client=ca-pub-5064795599916765
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5064795599916765&plah=manulife-staging.findbob.io&bust=31064806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1868d94315ce45a8670fde5baac673ca5ece1451295ba10996f35212322df7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=manulife-staging.findbob.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5064795599916765&plah=manulife-staging.findbob.io&bust=31064806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 13:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=manulife-staging.findbob.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5064795599916765&plah=manulife-staging.findbob.io&bust=31064806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 13:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmanulife-staging.findbob.io%2F&tn=DIV&cls=preloader-section&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:29:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fmanulife-staging.findbob.io%2F&tn=DIV&cls=preloader-section&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: manulife-staging.findbob.io
URL: https://manulife-staging.findbob.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:29:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F067
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5064795599916765&output=html&adk=1812271804&adf=3025194257&lmt=1644845350&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmanulife-staging.findbob.io%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644845350108&bpp=2&bdt=1904&idt=208&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=94737352347&rume=1&frm=20&pv=2&ga_vid=1686587956.1644845350&ga_sid=1644845350&ga_hid=1396762438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C31062423%2C31064806%2C31063222%2C31061691%2C44756432%2C31061693&oid=2&pvsid=1964826767231179&pem=284&tmod=21175457&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5064795599916765&plah=manulife-staging.findbob.io&bust=31064806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 14 Feb 2022 13:29:10 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Feb 2022 13:29:10 GMT
cache-control
private
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23e8ad351f5094d65657a9ae0f84265ab535ba3aa357759168363bc353278dca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Feb 2022 13:27:08 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 12:06:59 GMT
server
AmazonS3
age
125
etag
"0b58da670b0398b297c756cad7d332d3"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
6085
x-amz-cf-id
gNsi-JaCKr6bBiUy_JOl56wKNpFWs2NdG5fGAYidrHePn5GvdrHYxA==

Redirect headers

date
Mon, 14 Feb 2022 13:07:15 GMT
via
1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
server
AmazonS3
age
1318
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
0dN7kt4hTv6Ks5Icbsi47p6M4VPB0BPLhS5lu_0B_SwI23LumS-sAA==
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220209&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5064795599916765&plah=manulife-staging.findbob.io&bust=31064806
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f380ee192e82daf8729969a1e0e50e1b0cc22096f73dc4995762c1d81206dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 13:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9691
x-xss-protection
0
frame-modern.ceecd100.js
js.intercomcdn.com/ Frame 4E5B
296 KB
80 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.ceecd100.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f322a58657d1cc0f8fb514bab1f13c13f9c6b173595fa52033189467b8323553

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Feb 2022 12:07:02 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 12:05:51 GMT
server
AmazonS3
age
4931
etag
"3562dc70f2483e4ebce65a6a1ddf0214"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
81019
x-amz-cf-id
Pmn_ZjociIMUTyg0vzlGvbGOfTgVhgNvIvEvvz0bS3QcItDB0HZa0Q==
vendor-modern.1d1b8e52.js
js.intercomcdn.com/ Frame 4E5B
127 KB
39 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.1d1b8e52.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-109.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb755aec302dda75c56605f02847d9ba4b37a265b93103eab3f93b6d7702466b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 14 Feb 2022 13:20:55 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 12:05:52 GMT
server
AmazonS3
age
498
etag
"bc0dbe50860c83481210132188607320"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
39460
x-amz-cf-id
bisVpk5lXjfCHR70GeIDYHzGp9x3_BBDqvx5wbWoaOJA1LPdxFX83g==
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5064795599916765&plah=manulife-staging.findbob.io&bust=31064806
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 14 Feb 2022 13:29:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C4A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 13:15:10 GMT
expires
Tue, 14 Feb 2023 13:15:10 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4D56
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a76dafe8e298fbedda6e346e89e210b1d7343e4178cf8bcfe4ab7596d20aec2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QcafBcfUJgti5VmwkRTAKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 14 Feb 2022 13:29:12 GMT
date
Mon, 14 Feb 2022 13:29:12 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QcafBcfUJgti5VmwkRTAKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
pagead2.googlesyndication.com/bg/ Frame 2C4A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 11:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
7675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13554
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 11:21:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4D56
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220209&jk=1964826767231179&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 2C4A
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?zALUnA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:29:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:29:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/
0
327 B
Ping
General
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/rum_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4007:82a::2003 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://manulife-staging.findbob.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 13:29:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| webpackJsonp function| $ function| jQuery function| setImmediate function| clearImmediate object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| Waypoint object| ahoy object| __core-js_shared__ object| core object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill object| ReactOnRails boolean| __REACT_ON_RAILS_EVENT_HANDLERS_RAN_ONCE__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ function| tmp function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| html2pdf function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG object| dataLayer object| intercomSettings function| Intercom object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_optimize function| google_sa_impl object| google_rum_config object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_ undefined| google_rum_values function| __intercomAssignLocation object| GoogleGcLKhOms

8 Cookies

Domain/Path Name / Value
manulife-staging.findbob.io/ Name: ahoy_visitor
Value: 0f609f42-4f50-4675-af0e-8c5c1beef804
manulife-staging.findbob.io/ Name: ahoy_visit
Value: d37a248b-9f8e-4b57-b997-126a0b1b72fe
.findbob.io/ Name: _ga
Value: GA1.2.1686587956.1644845350
.findbob.io/ Name: _gid
Value: GA1.2.345737518.1644845350
.findbob.io/ Name: _gat_UA-57621902-1
Value: 1
manulife-staging.findbob.io/ Name: _bob_session
Value: VkhSTkRxZGJhR2JtbGdDSzRIanRsQ1RCYkNxT2M2OW4yTUR3TXJXbFNwd2dERmhsbDI4SURVZnl3UXlpUHhwTG94Wi9FaWlQWHpTYlkrbkpQK2RhVFJVSVl6cXRaZVdkR2pnZVc2S0JnSitoQ3F4RGU5SjdEY3NjYUxwRG1ZVTdNQ1c3WTFFN2dpTEdDSzJJd0ltOHlBPT0tLURMVUIwTk1PRHYreEgzZ0dFNDVrZmc9PQ%3D%3D--9eeda68b9909c11e60eeb2df7c65e24c4b1f994f
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.findbob.io/ Name: __gads
Value: ID=5ae9872c35eb84ac-2249bf423ecd00cf:T=1644845350:RT=1644845350:S=ALNI_MZql340nnPirGDBILX4LimixG9QDw

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
