urlscan.io logo urlscan.io
SecurityTrails logo

ca-plans.astfinancial.com Open in urlscan Pro
74.121.165.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ca-plans.astfinancial.com/total-wealth
Effective URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Submission: On May 12 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 74.121.165.38, located in Victoria, Canada and belongs to BACOM2-AS, CA. The main domain is ca-plans.astfinancial.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on September 13th 2019. Valid for: 2 years.
This is the only time ca-plans.astfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 16 74.121.165.38 603 (BACOM2-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 4
Domain Requested by
16 ca-plans.astfinancial.com 2 redirects ca-plans.astfinancial.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.google-analytics.com ca-plans.astfinancial.com
1 fonts.googleapis.com ca-plans.astfinancial.com
17 4

This site contains no links.

Subject Issuer Validity Valid
*.astfinancial.com
GeoTrust TLS RSA CA G1		 2019-09-13 -
2021-10-01		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Frame ID: 60C9F36399C5F47B2BAE9FDF938E3C4B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ca-plans.astfinancial.com/total-wealth HTTP 302
    https://ca-plans.astfinancial.com/total-wealth/ HTTP 302
    https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100 Page URL

Page Statistics

17
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1156 kB
Transfer

1171 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ca-plans.astfinancial.com/total-wealth HTTP 302
    https://ca-plans.astfinancial.com/total-wealth/ HTTP 302
    https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login_home.do
ca-plans.astfinancial.com/total-wealth/psapi/
Redirect Chain
  • https://ca-plans.astfinancial.com/total-wealth
  • https://ca-plans.astfinancial.com/total-wealth/
  • https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
ff6ada8a5aeaddc47826e878bb688509e115104c2c5c7276b41f04b899a42cc0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
ca-plans.astfinancial.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1; TS01b4a6f7=01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc; BIGipServertw_pool=!zZOSxbflGB1Yzzq333FjrqbZTBIP3aUf/3Bjxz0WyLJV2M1UENiW3GG48Is8p37MrG5LCZvMJs9ppg==; TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-store, no-cache
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Date
Wed, 12 May 2021 15:25:42 GMT
Connection
keep-alive
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Type
text/html;charset=UTF-8
Content-Language
en-US
Set-Cookie
TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a; Path=/; Domain=.ca-plans.astfinancial.com; Secure; HTTPOnly
Transfer-Encoding
chunked

Redirect headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-store, no-cache
Set-Cookie
JSESSIONID=hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1; path=/total-wealth; secure; HttpOnly TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a; Path=/; Domain=.ca-plans.astfinancial.com; Secure; HTTPOnly TS01b4a6f7=01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc; path=/total-wealth; HTTPonly; Secure
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Location
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Date
Wed, 12 May 2021 15:25:42 GMT
Connection
keep-alive
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Type
text/html
Content-Length
0
Content-Language
en-US
bootstrap.css
ca-plans.astfinancial.com/total-wealth/bootstrap/css/ 		149 KB
150 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/bootstrap/css/bootstrap.css
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
a29236eed54ff257f34dd88abfd5a2f14b9190d84802f6703152d6b4ea511ca9
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Wed, 25 Sep 2019 17:14:22 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 15:25:42 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Language
en-US
Cache-Control
no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
152767
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jquery-3.4.1.min.js
ca-plans.astfinancial.com/total-wealth/js/jquery/ 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/js/jquery/jquery-3.4.1.min.js
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Feb 2020 10:38:08 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 15:25:43 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Language
en-US
Cache-Control
no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
88147
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jquery-scripts.min.js
ca-plans.astfinancial.com/total-wealth/js/jquery/ 		506 KB
507 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/js/jquery/jquery-scripts.min.js
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
e446a4fcea754d1dc052f4784e6bc9bf096d120e2dc6cf9ec2a553601d5d3047
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Apr 2021 16:43:38 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 15:25:43 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Language
en-US
Cache-Control
no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
518404
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ 		2 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ca-plans.astfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 May 2021 14:10:58 GMT
server
ESF
date
Wed, 12 May 2021 15:25:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 May 2021 15:25:42 GMT
icomoon.css
ca-plans.astfinancial.com/total-wealth/css/fonts/icomoon/ 		21 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/css/fonts/icomoon/icomoon.css
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
5f9cc37bf831d9b6cb62130c4841d17b2e387cae18550a38d0c89cdf495189b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30 Nov 2020 16:35:06 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 15:25:43 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Language
en-US
Cache-Control
no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
21872
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
app-scripts.min.js
ca-plans.astfinancial.com/total-wealth/scripts/ 		20 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/scripts/app-scripts.min.js
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
5a215c1b30926d1d2bef5ad056f3b04f7e15e1e73b87cef084ecfd9a3a38861c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Apr 2021 16:43:36 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 15:25:43 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Language
en-US
Cache-Control
no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
20866
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
app-styles.min.css
ca-plans.astfinancial.com/total-wealth/css/ 		126 KB
127 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
2b7d2a35dd9dc18f7450726e133d624ee00bc9284a9073b3c29ca6d2de63b91e
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Apr 2021 16:43:34 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 15:25:43 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Language
en-US
Cache-Control
no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
129311
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
psalogin.js
ca-plans.astfinancial.com/total-wealth/js/psapi/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/js/psapi/psalogin.js
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
25716e8b0d9bc929d2c41b3b04be7dbc997d07c7e8025e3bd273cb2f234fe651
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
X-Content-Type-Options
nosniff
Last-Modified
Thu, 18 Mar 2021 14:33:14 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 15:25:43 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Content-Language
en-US
Cache-Control
no-store, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
5329
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set ast-header-logo-2x.png
ca-plans.astfinancial.com/total-wealth/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca-plans.astfinancial.com/total-wealth/images/ast-header-logo-2x.png
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
572c5462f2910550b4b9b7b43e7669a13415861ed1177a0ef8f9b53641dfa67a
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ca-plans.astfinancial.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Cookie
JSESSIONID=hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1; TS01b4a6f7=01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc; BIGipServertw_pool=!zZOSxbflGB1Yzzq333FjrqbZTBIP3aUf/3Bjxz0WyLJV2M1UENiW3GG48Is8p37MrG5LCZvMJs9ppg==; TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a
Connection
keep-alive
Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
5945
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 19 Feb 2020 10:38:08 GMT
Date
Wed, 12 May 2021 15:25:43 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Cache-Control
no-store, no-cache
Set-Cookie
TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a; Path=/; Domain=.ca-plans.astfinancial.com; Secure; HTTPOnly
Accept-Ranges
bytes
Content-Type
image/png
Expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/scripts/app-scripts.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ca-plans.astfinancial.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3532
date
Wed, 12 May 2021 14:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 12 May 2021 16:26:52 GMT
Cookie set client-access-header-bg-2x-new.jpg
ca-plans.astfinancial.com/total-wealth/images/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca-plans.astfinancial.com/total-wealth/images/client-access-header-bg-2x-new.jpg
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
2bf92afbd9b9d85183cc5bceffe10d7c58766c784215cbb5cfaf4a828a882db0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ca-plans.astfinancial.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
Cookie
JSESSIONID=hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1; TS01b4a6f7=01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc; BIGipServertw_pool=!zZOSxbflGB1Yzzq333FjrqbZTBIP3aUf/3Bjxz0WyLJV2M1UENiW3GG48Is8p37MrG5LCZvMJs9ppg==; TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a
Connection
keep-alive
Referer
https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
125662
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 08 Mar 2021 14:07:24 GMT
Date
Wed, 12 May 2021 15:25:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Cache-Control
no-store, no-cache
Set-Cookie
TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a; Path=/; Domain=.ca-plans.astfinancial.com; Secure; HTTPOnly
Accept-Ranges
bytes
Content-Type
image/jpeg
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set footer-ast-cropped-logo-2x.png
ca-plans.astfinancial.com/total-wealth/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca-plans.astfinancial.com/total-wealth/images/footer-ast-cropped-logo-2x.png
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
2f8e552af02cc299349780cb5ae89680af975fcd6251c58a84658f56414136bf
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
ca-plans.astfinancial.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
Cookie
JSESSIONID=hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1; TS01b4a6f7=01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc; BIGipServertw_pool=!zZOSxbflGB1Yzzq333FjrqbZTBIP3aUf/3Bjxz0WyLJV2M1UENiW3GG48Is8p37MrG5LCZvMJs9ppg==; TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a
Connection
keep-alive
Referer
https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
4479
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 19 Feb 2020 10:38:08 GMT
Date
Wed, 12 May 2021 15:25:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Cache-Control
no-store, no-cache
Set-Cookie
TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a; Path=/; Domain=.ca-plans.astfinancial.com; Secure; HTTPOnly
Accept-Ranges
bytes
Content-Type
image/png
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ca-plans.astfinancial.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 01:50:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
135307
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Wed, 11 May 2022 01:50:37 GMT
Cookie set icomoon.ttf
ca-plans.astfinancial.com/total-wealth/css/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/css/fonts/icomoon.ttf?twf48c
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
0ab560e4dd206677a1753ffdba49ab2451e5f10b7f8a616b57cd2c5128c51dba
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://ca-plans.astfinancial.com
Accept-Encoding
gzip, deflate, br
Host
ca-plans.astfinancial.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
Cookie
JSESSIONID=hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1; TS01b4a6f7=01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc; BIGipServertw_pool=!zZOSxbflGB1Yzzq333FjrqbZTBIP3aUf/3Bjxz0WyLJV2M1UENiW3GG48Is8p37MrG5LCZvMJs9ppg==; TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a
Connection
keep-alive
Origin
https://ca-plans.astfinancial.com
Referer
https://ca-plans.astfinancial.com/total-wealth/css/app-styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
33636
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 25 Sep 2019 17:14:22 GMT
Date
Wed, 12 May 2021 15:25:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a; Path=/; Domain=.ca-plans.astfinancial.com; Secure; HTTPOnly
Accept-Ranges
bytes
Content-Type
application/x-font-ttf
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set glyphicons-halflings-regular.woff2
ca-plans.astfinancial.com/total-wealth/bootstrap/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/bootstrap/css/bootstrap.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://ca-plans.astfinancial.com
Accept-Encoding
gzip, deflate, br
Host
ca-plans.astfinancial.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://ca-plans.astfinancial.com/total-wealth/bootstrap/css/bootstrap.css
Cookie
JSESSIONID=hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1; TS01b4a6f7=01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc; BIGipServertw_pool=!zZOSxbflGB1Yzzq333FjrqbZTBIP3aUf/3Bjxz0WyLJV2M1UENiW3GG48Is8p37MrG5LCZvMJs9ppg==; TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a
Connection
keep-alive
Origin
https://ca-plans.astfinancial.com
Referer
https://ca-plans.astfinancial.com/total-wealth/bootstrap/css/bootstrap.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
18028
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 25 Sep 2019 17:14:22 GMT
Date
Wed, 12 May 2021 15:25:44 GMT
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a; Path=/; Domain=.ca-plans.astfinancial.com; Secure; HTTPOnly
Accept-Ranges
bytes
Content-Type
application/font-woff2
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set login_getLanguageList.do
ca-plans.astfinancial.com/total-wealth/psapi/ 		510 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ca-plans.astfinancial.com/total-wealth/psapi/login_getLanguageList.do
Requested by
Host: ca-plans.astfinancial.com
URL: https://ca-plans.astfinancial.com/total-wealth/js/jquery/jquery-3.4.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.165.38 Victoria, Canada, ASN603 (BACOM2-AS, CA),
Reverse DNS
Software
/
Resource Hash
77da47be27625b609a731798fbeaa19c6fed33130de141e2498b7d6c0c3861e8
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Origin
https://ca-plans.astfinancial.com
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
JSESSIONID=hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1; TS01b4a6f7=01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc; BIGipServertw_pool=!zZOSxbflGB1Yzzq333FjrqbZTBIP3aUf/3Bjxz0WyLJV2M1UENiW3GG48Is8p37MrG5LCZvMJs9ppg==; TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a
Connection
keep-alive
Content-Length
0
Pragma
no-cache
Host
ca-plans.astfinancial.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
Sec-Fetch-Site
same-origin
Accept
*/*
Referer
https://ca-plans.astfinancial.com/total-wealth/psapi/login_home.do?selectedLang=100
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Date
Wed, 12 May 2021 15:25:44 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Connection
keep-alive
Content-Language
en-US
Cache-Control
no-cache
Transfer-Encoding
chunked
Set-Cookie
TS01976851=01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a; Path=/; Domain=.ca-plans.astfinancial.com; Secure; HTTPOnly
Content-Type
text/text;charset=utf-8
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery undefined| interval undefined| popupinterval undefined| warningtime number| warning string| logoutUrl string| timer2 function| startTimer function| popupLoop function| checkTimer function| warningLoop string| gaAppCode string| gaDomainName string| language string| contextPath string| csrPinReset string| pinValidationURL function| pingToServer function| setBackToTW function| redirectVideo function| redirect function| showPinResetModal function| showAccountUnlockModal function| displayEmbededPopupContent function| setupPinReset function| setupResetConfirmation function| setupAccountUnlock function| unlockSuccess function| unlockFailure function| getDisplayedSubMenuWidth function| toggleDataRowSelection function| dataGridContentAlignmentSingleGrid function| dataGridContentAlignment function| isEmpty function| generateLineChart function| generatePieChart function| showDlcModal function| showMFAModal function| showTaRegistrationWarning function| printConfimationPage boolean| isPopupDisplayed object| popupStack object| modlWindow object| putBackToDom boolean| isPopupModal function| clearPopupStack object| popupInputHandler object| parkedMessages boolean| isDocumentReady function| OnDocumentReadyShowPopup function| getPopupInputHandler function| doSelfSubmit function| takePopupBackup function| showPopupFromStack function| runShowPopupFromURL function| runShowPopupWithContent function| runShowPopupFromContentId function| showConfirmationPopup function| initDialog function| isCurrentPopupHidden function| loadDataToDialog function| openPage function| showModalDialog function| closeCurrentPopup function| closePopup function| getPopupErrorValue function| ClientErrorHandler function| STKClientErrorHandler function| applyStyleToContent function| getActivePopupForm function| putBackElementToDom function| getSortedValues string| GoogleAnalyticsObject function| ga object| validator function| login function| getErrorMessage function| setupLoginValidation function| setupForgotPinValidation function| getLangValue object| languageList string| buttonHTML object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.ca-plans.astfinancial.com/ Name: TS01976851
Value: 01a2c32caf8cf1f6fed960c9293690d296e9b87a1be15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe07d4805b15884e632a54bfe4d2d93432a
ca-plans.astfinancial.com/ Name: BIGipServertw_pool
Value: !zZOSxbflGB1Yzzq333FjrqbZTBIP3aUf/3Bjxz0WyLJV2M1UENiW3GG48Is8p37MrG5LCZvMJs9ppg==
ca-plans.astfinancial.com/total-wealth Name: TS01b4a6f7
Value: 01a2c32caf70c17231a1583923583ad7aaf6d221fae15d56bf984cbd5751b181bda42000f07bd5df45ff6f70569dd3f63dfc9dbbe080598e7c2c87aaa3c95ea2dd6523b5e141aea8fb60d8fe515295c084c28ba3fc
ca-plans.astfinancial.com/total-wealth Name: JSESSIONID
Value: hb-1i_VnyVqYxgTzY2pZlPz4F2Qs5ifHDOd34Gwf.TWPRODCANode1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.astfinancial.com;style-src 'self' fonts.googleapis.com 'unsafe-inline';font-src 'self' fonts.googleapis.com fonts.gstatic.com astfinancial.com;img-src 'self' data: https:;object-src 'self'; script-src 'self' www.google-analytics.com ajax.googleapis.com fonts.googleapis.com astfinancial.com;frame-ancestors 'none';
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block