urlscan.io logo urlscan.io
SecurityTrails logo

creditorselfserve-uat.canadalife.com Open in urlscan Pro
156.11.9.124  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://creditorselfserve-uat.canadalife.com/
Effective URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Submission: On August 24 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 23 HTTP transactions. The main IP is 156.11.9.124, located in Canada and belongs to GWL-CA-ASN, CA. The main domain is creditorselfserve-uat.canadalife.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on November 29th 2021. Valid for: a year.
This is the only time creditorselfserve-uat.canadalife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 17 156.11.9.124 397433 (GWL-CA-ASN)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
23 7
17    156.11.9.124 (Canada)

ASN397433 (GWL-CA-ASN, CA)
creditorselfserve-uat.canadalife.com
2    2607:f8b0:4006:807::200a (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2607:f8b0:4006:80d::200e (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4006:80c::2003 (Perth Amboy, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
17 canadalife.com
creditorselfserve-uat.canadalife.com
710 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
2 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
453 B
1 gstatic.com
fonts.gstatic.com
13 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 727
20 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
3 KB
23 7
Domain Requested by
17 creditorselfserve-uat.canadalife.com 2 redirects creditorselfserve-uat.canadalife.com
2 www.google-analytics.com creditorselfserve-uat.canadalife.com
www.google-analytics.com
2 fonts.googleapis.com creditorselfserve-uat.canadalife.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 maxcdn.bootstrapcdn.com creditorselfserve-uat.canadalife.com
1 cdnjs.cloudflare.com creditorselfserve-uat.canadalife.com
23 7

This site contains links to these domains. Also see Links.

Domain
www.canadalife.com
Subject Issuer Validity Valid
creditorselfserve-uat.canadalife.com
Sectigo RSA Organization Validation Secure Server CA		 2021-11-29 -
2022-11-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Frame ID: 47C052FD8EB96709CB1FA41A0D6EBDCB
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LoginGCDM Portal Phase II

Page URL History Show full URLs

  1. http://creditorselfserve-uat.canadalife.com/ HTTP 302
    https://creditorselfserve-uat.canadalife.com/ HTTP 302
    https://creditorselfserve-uat.canadalife.com/en/Account/Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

23
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

767 kB
Transfer

896 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://creditorselfserve-uat.canadalife.com/ HTTP 302
    https://creditorselfserve-uat.canadalife.com/ HTTP 302
    https://creditorselfserve-uat.canadalife.com/en/Account/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
creditorselfserve-uat.canadalife.com/en/Account/
Redirect Chain
  • http://creditorselfserve-uat.canadalife.com/
  • https://creditorselfserve-uat.canadalife.com/
  • https://creditorselfserve-uat.canadalife.com/en/Account/Login
13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
6b675d87fa798a1f5cd97cf0ce70d2db5067e0218f89880baf474b170d5a3f81
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
cache-control
no-cache, no-store,no-cache, no-store
content-length
13497
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
content-type
text/html; charset=utf-8
date
Wed, 24 Aug 2022 05:23:38 GMT
expires
-1,-1
p3p
CP="NON CUR OTPi OUR NOR UNI"
pragma
no-cache,no-cache
strict-transport-security
max-age=15552000; includeSubDomains
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge

Redirect headers

X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
cache-control
no-cache, no-store,no-cache, no-store
content-length
134
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
content-type
text/html; charset=utf-8
date
Wed, 24 Aug 2022 05:23:38 GMT
expires
-1,-1
location
/en/Account/Login
p3p
CP="NON CUR OTPi OUR NOR UNI"
pragma
no-cache,no-cache
strict-transport-security
max-age=15552000; includeSubDomains
x-ua-compatible
IE=edge
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 04:17:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Aug 2022 05:23:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Aug 2022 05:23:38 GMT
css
fonts.googleapis.com/ 		5 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito:300,400,700
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d384e7e41b82cb578964bead5c6774f433306485ac5cf75b6c3fa0ededbb5302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 03:34:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 24 Aug 2022 05:23:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Aug 2022 05:23:38 GMT
simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.3.2/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.3.2/css/simple-line-icons.css
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd31dce65b6e3bd3c540a14b265a314bd9bd3718e5eaff74ad0fad9109a838f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 05:23:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7752589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2186
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd2-31d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6vQZh28QtuynqaoC7g%2FleGzwBO0qDqFafeb%2B575qum3p7Z7Gtdzh2Fzm2TbE%2BJUiUvbWYyzf1s%2B%2F%2BvhgfMWXXikowrGwRHTOzZOzVTOV4yRKCtmaaz0dukU8orbdezHNq%2B6A7S%2FwnPh9aKPVgsU2%2Bwr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73f9a833cba97142-YUL
expires
Mon, 14 Aug 2023 05:23:38 GMT
bootstrap.css
creditorselfserve-uat.canadalife.com/Content/ 		149 KB
150 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/Content/bootstrap.css
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
03fd71b5486c03a9739d7f60d903b94611cf7abe4a70dd044d5be7f7a9f7cba8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
152842
X-XSS-Protection
1
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Mon, 18 Jul 2022 18:32:40 GMT
X-Frame-Options
SAMEORIGIN
etag
"054d6c2d49ad81:0"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
accept-ranges
bytes
expires
-1
site.css
creditorselfserve-uat.canadalife.com/Content/ 		25 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/Content/site.css?V=1
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
2edd52efe59005b4873ceecc9c2da7d2ae625106ff494db305dc71cb40b48a4c
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
25990
X-XSS-Protection
1
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Mon, 18 Jul 2022 18:12:02 GMT
X-Frame-Options
SAMEORIGIN
etag
"085eee0d19ad81:0"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
accept-ranges
bytes
expires
-1
modernizr
creditorselfserve-uat.canadalife.com/bundles/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
last-modified
Wed, 24 Aug 2022 05:23:38 GMT
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
expires
Thu, 24 Aug 2023 05:23:38 GMT,-1
cache-control
public,no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
vary
User-Agent
content-length
11095
X-XSS-Protection
1
x-ua-compatible
IE=edge
CanadaLife_RGB_EN.png
creditorselfserve-uat.canadalife.com/Content/images/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditorselfserve-uat.canadalife.com/Content/images/CanadaLife_RGB_EN.png?V=1
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
9812ead3a26d84b3ac5472e4b476214030ff5be48052cef581862b2fcb0da6c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 05:23:39 GMT
X-Content-Type-Options
nosniff
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
110823
X-XSS-Protection
1
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Mon, 18 Jul 2022 18:12:02 GMT
X-Frame-Options
SAMEORIGIN
etag
"085eee0d19ad81:0"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
accept-ranges
bytes
expires
-1
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://creditorselfserve-uat.canadalife.com/
Origin
https://creditorselfserve-uat.canadalife.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 05:23:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
871
access-control-allow-origin
*
cdn-cachedat
07/07/2022 17:49:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"ec3bb52a00e176a7181d454dffaea219"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a71027bf277d68e0463511ed565e9b7f
cf-ray
73f9a83558d07154-YUL
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
style.min.css
creditorselfserve-uat.canadalife.com/Content/ 		16 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/Content/style.min.css
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
928b4e012680981ff9f4fdc4f26879d096db4f6f2327fa1132e40abfa42a0300
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
16056
X-XSS-Protection
1
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Mon, 18 Jul 2022 18:12:02 GMT
X-Frame-Options
SAMEORIGIN
etag
"085eee0d19ad81:0"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
accept-ranges
bytes
expires
-1
open-new.svg
creditorselfserve-uat.canadalife.com/Content/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditorselfserve-uat.canadalife.com/Content/images/open-new.svg
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
757e51c6cd19f92e682e173b8c2c6423e384ddf64d5f67d456979d6575d2a455
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
1630
X-XSS-Protection
1
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Mon, 18 Jul 2022 18:12:02 GMT
X-Frame-Options
SAMEORIGIN
etag
"085eee0d19ad81:0"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/svg+xml
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
accept-ranges
bytes
expires
-1
jquery
creditorselfserve-uat.canadalife.com/bundles/ 		84 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/bundles/jquery?v=yuMp_AiknJx1CClwZg1H_FF6IUxqQeDHAjt3qZKPvCs1
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
7f643bebe54386bc0855dffd5334d99a8b589eb9d5460b2eadf6683cdefa255e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
last-modified
Wed, 24 Aug 2022 05:23:38 GMT
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
expires
Thu, 24 Aug 2023 05:23:38 GMT,-1
cache-control
public,no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
vary
User-Agent
content-length
85640
X-XSS-Protection
1
x-ua-compatible
IE=edge
bootstrap
creditorselfserve-uat.canadalife.com/bundles/ 		40 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/bundles/bootstrap?v=-ktyuuYVm8reiCqek-REkH9kFQQZ53F1Ay-TXz9RIew1
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
e5840bc1fc5ecf2ce08305f4eddf2fd9444ac3a2d79e541ae6775a6011ac4531
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
last-modified
Wed, 24 Aug 2022 05:23:38 GMT
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
expires
Thu, 24 Aug 2023 05:23:38 GMT,-1
cache-control
public,no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
vary
User-Agent
content-length
40847
X-XSS-Protection
1
x-ua-compatible
IE=edge
Customscripts
creditorselfserve-uat.canadalife.com/bundles/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/bundles/Customscripts?v=8Q7zJvlWzXKoSwT_aGt7jUiEyYSRCIkqMMO4LIFMQdg1
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
b42826a380c3f7153c1ed4c3b28ffc6d15daf5bf1f52487b81d8638e025442b8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/en/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
last-modified
Wed, 24 Aug 2022 05:23:38 GMT
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
expires
Thu, 24 Aug 2023 05:23:38 GMT,-1
cache-control
public,no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
vary
User-Agent
content-length
22994
X-XSS-Protection
1
x-ua-compatible
IE=edge
SourceSansPro-Regular.otf
creditorselfserve-uat.canadalife.com/Content/source-sans-pro/ 		224 KB
225 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/Content/source-sans-pro/SourceSansPro-Regular.otf
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/Content/site.css?V=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
6b096b47206d8f78a2c49af2f2ae46b35d93b0e3cf105a9febef59144aa2eae2
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://creditorselfserve-uat.canadalife.com/Content/site.css?V=1
Origin
https://creditorselfserve-uat.canadalife.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
229588
X-XSS-Protection
1
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Mon, 18 Jul 2022 18:12:02 GMT
X-Frame-Options
SAMEORIGIN
etag
"085eee0d19ad81:0"
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/x-font-otf
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
accept-ranges
bytes
expires
-1
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/en/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1277
date
Wed, 24 Aug 2022 05:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 24 Aug 2022 07:02:21 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://creditorselfserve-uat.canadalife.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 09:47:31 GMT
x-content-type-options
nosniff
age
70567
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Aug 2023 09:47:31 GMT
arrow.svg
creditorselfserve-uat.canadalife.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditorselfserve-uat.canadalife.com/images/arrow.svg
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/Content/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/Content/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
expires
-1
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/html
content-length
1245
X-XSS-Protection
1
x-ua-compatible
IE=edge
error-x.svg
creditorselfserve-uat.canadalife.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditorselfserve-uat.canadalife.com/images/error-x.svg
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/Content/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://creditorselfserve-uat.canadalife.com/Content/style.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
expires
-1
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/html
content-length
1245
X-XSS-Protection
1
x-ua-compatible
IE=edge
Foco.ttf
creditorselfserve-uat.canadalife.com/font/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/font/Foco.ttf
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/Content/style.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://creditorselfserve-uat.canadalife.com/Content/style.min.css
Origin
https://creditorselfserve-uat.canadalife.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
expires
-1
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/html
content-length
1245
X-XSS-Protection
1
x-ua-compatible
IE=edge
collect
www.google-analytics.com/j/ 		4 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=405980389&t=pageview&_s=1&dl=https%3A%2F%2Fcreditorselfserve-uat.canadalife.com%2Fen%2FAccount%2FLogin&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1529992108&gjid=1539896625&cid=1910995930.1661318619&tid=UA-84082849-1&_gid=464545865.1661318619&_r=1&_slc=1&z=1059446876
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://creditorselfserve-uat.canadalife.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://creditorselfserve-uat.canadalife.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-84082849-1&cid=1910995930.1661318619&jid=1529992108&gjid=1539896625&_gid=464545865.1661318619&_u=IEBAAEAAAAAAAC~&z=871877222
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://creditorselfserve-uat.canadalife.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 24 Aug 2022 05:23:38 GMT
content-type
text/plain
access-control-allow-origin
https://creditorselfserve-uat.canadalife.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Foco.ttf
creditorselfserve-uat.canadalife.com/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://creditorselfserve-uat.canadalife.com/fonts/Foco.ttf
Requested by
Host: creditorselfserve-uat.canadalife.com
URL: https://creditorselfserve-uat.canadalife.com/Content/site.css?V=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
156.11.9.124 , Canada, ASN397433 (GWL-CA-ASN, CA),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://creditorselfserve-uat.canadalife.com/Content/site.css?V=1
Origin
https://creditorselfserve-uat.canadalife.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Aug 2022 05:23:38 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
expires
-1
cache-control
no-cache, no-store
content-security-policy
frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/html
content-length
1245
X-XSS-Protection
1
x-ua-compatible
IE=edge

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 object| Modernizr string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| respond function| GetFormInfo function| OnSubmitClick function| closeNotificationBox function| populateDaySelect function| dateOfBirthFields function| validateDOB function| getMonthNum function| validatePassword function| isNumberKey function| validateEmail function| addCheck function| preventCopyPaste function| showHidePassword function| showHidePsdValidation function| spaceControl function| validateInput function| validateForm function| errorDisplay function| errorHide function| validateInputs function| progressBar function| validateCheckbox function| validateChbxConfirmNum function| collapse function| hideCollapse function| ariaOnPasswordFocus function| goBack object| $jscomp

8 Cookies

Domain/Path Name / Value
creditorselfserve-uat.canadalife.com/ Name: ASP.NET_SessionId
Value: itngeryu3kaymbn3l20c5dud
creditorselfserve-uat.canadalife.com/ Name: PD_STATEFUL_35ddaf36-cea1-11e5-b184-1a8a536cc902
Value: vhost-creditorselfserve-uat.canadalife.com-https
creditorselfserve-uat.canadalife.com/ Name: ncSuqge9lN
Value: 3456377866.47873.0000
creditorselfserve-uat.canadalife.com/ Name: TS01aa7f7d
Value: 0139919b0ca9c59997d7d1c92286edbae5e0e28b4967af6e3190b116388ebfb68e90bf0e321ad646b19c8a6b4fff00c1ee5dee28ce
creditorselfserve-uat.canadalife.com/ Name: __RequestVerificationToken
Value: UI505VXNZmGRMcrBAt0JYC3a_yyUrbT8ERaW_uB0KYGuU38yOg26_fXkg1pOM7uFKuSX_uDlM5qdlueZCm1oOXQH8uucsojDcqHynuTCBHY1
.canadalife.com/ Name: _ga
Value: GA1.2.1910995930.1661318619
.canadalife.com/ Name: _gid
Value: GA1.2.464545865.1661318619
.canadalife.com/ Name: _gat
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://creditorselfserve-uat.canadalife.com/font/Foco.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://creditorselfserve-uat.canadalife.com/images/arrow.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://creditorselfserve-uat.canadalife.com/fonts/Foco.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://creditorselfserve-uat.canadalife.com/images/error-x.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://*.gwl.ca https://*.canadalife.com https://*.googleapis.com https://*.cloudflare.com; object-src 'self'; script-src 'self' https://www.google-analytics.com https://zn5ilszeqmgtgcub4-gwlcx.siteintercept.qualtrics.com https://siteintercept.qualtrics.com 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://fonts.googleapis.com https://fonts.googleapis.com https://cdnjs.cloudflare.com 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
creditorselfserve-uat.canadalife.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
156.11.9.124
2606:4700::6811:190e
2606:4700::6812:acf
2607:f8b0:4004:c06::9a
2607:f8b0:4006:807::200a
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::200e
03fd71b5486c03a9739d7f60d903b94611cf7abe4a70dd044d5be7f7a9f7cba8
2edd52efe59005b4873ceecc9c2da7d2ae625106ff494db305dc71cb40b48a4c
619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83
6b096b47206d8f78a2c49af2f2ae46b35d93b0e3cf105a9febef59144aa2eae2
6b675d87fa798a1f5cd97cf0ce70d2db5067e0218f89880baf474b170d5a3f81
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
757e51c6cd19f92e682e173b8c2c6423e384ddf64d5f67d456979d6575d2a455
7f643bebe54386bc0855dffd5334d99a8b589eb9d5460b2eadf6683cdefa255e
928b4e012680981ff9f4fdc4f26879d096db4f6f2327fa1132e40abfa42a0300
9812ead3a26d84b3ac5472e4b476214030ff5be48052cef581862b2fcb0da6c9
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42826a380c3f7153c1ed4c3b28ffc6d15daf5bf1f52487b81d8638e025442b8
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
cdd31dce65b6e3bd3c540a14b265a314bd9bd3718e5eaff74ad0fad9109a838f
d384e7e41b82cb578964bead5c6774f433306485ac5cf75b6c3fa0ededbb5302
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e5840bc1fc5ecf2ce08305f4eddf2fd9444ac3a2d79e541ae6775a6011ac4531
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c