tc.benefitscanada.com Open in urlscan Pro
208.91.248.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tc.benefitscanada.com/T/OFC4/L2S/7291/B23646/gyT5/13454/263815/jZ2YlK/1/101756557/JEVPQ7oZ/I/13450/tNjtLv.html?h=birnb...
Effective URL:
http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsle...
Submission: On December 10 via api (December 10th 2021, 6:25:42 pm UTC) from US — Scanned from CA

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 33 HTTP transactions. The main IP is 208.91.248.10, located in Canada and belongs to RSI-CA-SITE1, CA. The main domain is tc.benefitscanada.com.

This is the only time tc.benefitscanada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	208.91.248.10 208.91.248.10	46095 (RSI-CA-SITE1) (RSI-CA-SITE1)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2008	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
33	9

21 208.91.248.10 (Canada) 1 redirects

ASN46095 (RSI-CA-SITE1, CA)
PTR: secure.ofsys.com

tc.benefitscanada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9b (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	benefitscanada.com 1 redirects tc.benefitscanada.com	659 KB
5	bootstrapcdn.com maxcdn.bootstrapcdn.com	57 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	google.ca www.google.ca	501 B
1	google.com www.google.com	501 B
1	doubleclick.net stats.g.doubleclick.net	445 B
1	cloudflare.com cdnjs.cloudflare.com	12 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
33	9

	Domain	Requested by
21	tc.benefitscanada.com	1 redirects tc.benefitscanada.com
5	maxcdn.bootstrapcdn.com	tc.benefitscanada.com maxcdn.bootstrapcdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.ca	tc.benefitscanada.com
1	www.google.com	tc.benefitscanada.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdnjs.cloudflare.com	tc.benefitscanada.com
1	ajax.googleapis.com	tc.benefitscanada.com
1	www.googletagmanager.com	tc.benefitscanada.com
33	9

This site contains links to these domains. Also see Links.

Domain
ladingpage.tcmlesaffaires.pages.dialoginsight.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
Frame ID: 02D83F33CD0B2EE63CE1814C1DB61BE9
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefits Canada

Page URL History Show full URLs

http://tc.benefitscanada.com/T/OFC4/L2S/7291/B23646/gyT5/13454/263815/jZ2YlK/1/101756557/JEVPQ7oZ/I/13450... HTTP 302
http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_... Page URL

Page Statistics

33
Requests

36 %
HTTPS

89 %
IPv6

9
Domains

9
Subdomains

9
IPs

2
Countries

815 kB
Transfer

1139 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://ladingpage.tcmlesaffaires.pages.dialoginsight.com/Privacy_Policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tc.benefitscanada.com/T/OFC4/L2S/7291/B23646/gyT5/13454/263815/jZ2YlK/1/101756557/JEVPQ7oZ/I/13450/tNjtLv.html?h=birnbQK6K8t2C6xKjbHKZ7A93m4RKoEHSdNujMW34xc&p1=473613&p2=UZnlsX HTTP 302
http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Form.ofsys Show response
tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/
Redirect Chain

http://tc.benefitscanada.com/T/OFC4/L2S/7291/B23646/gyT5/13454/263815/jZ2YlK/1/101756557/JEVPQ7oZ/I/13450/tNjtLv.html?h=birnbQK6K8t2C6xKjbHKZ7A93m4RKoEHSdNujMW34xc&p1=473613&p2=UZnlsX
http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational

25 KB
26 KB

294ms
294ms

Document
text/html

208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to

Full URL

http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

4226ff10d3245ffd45e8a7588603c92c64f44867e08765cebd99dd8c82288b2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

Cache-Control: private
Content-Length: 25961
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Dec 2021 18:25:35 GMT
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET
X-Robots-Tag: noindex
X-Ua-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store
Content-Length: 0
Date: Fri, 10 Dec 2021 18:25:35 GMT
Location: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
Server

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 422ms
146ms Script
application/javascript 2607:f8b0:4006:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-2314729-4

Requested by

Host: tc.benefitscanada.com
URL: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8d8388981b9af3b3f4ce498d46e3a71082d387bed4468ed68946264bcaf79ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 18:25:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36214
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 18:25:37 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 480ms
237ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://tc.benefitscanada.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 18:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 674, 617, 617
age: 24306
cdn-cachedat: 2021-06-08 15:06:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 4a2fbe6a2bb19cb3aca0868f65fd9edb
cf-ray: 6bb8844e3c497133-YUL
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 23 KB
3 KB 375ms
131ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://tc.benefitscanada.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 18:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 674, 617, 617
age: 24306
cdn-cachedat: 2021-06-07 23:37:45
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 399c53266f602e40d01e3c15c1ffb38d
cf-ray: 6bb8844e3c4b7133-YUL
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 419ms
131ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 04:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Dec 2022 04:13:22 GMT

GET
H2 200 jquery.validate.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/ 47 KB
12 KB 378ms
125ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.16.0/jquery.validate.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3980637d10c8be157e33048db192981d022c22a028fce4f54b77b65c75041c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 18:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3182894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10997
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ba49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ijwd4aydUeG6Hy9m4r94p5NUl56wMhV2bK2qamMEUYamrcw%2F7MYjDp%2BSouMZaknafow7wCCPPofRdlvn29oaVSuZl8GFkXXhkt9K0PLv3vLDO2iMWJHu%2FeV%2B1wHEsAlMleEVMBAOFoIQu05I%2FWfddSiv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6bb8844e48127139-YUL
expires: Wed, 30 Nov 2022 18:25:37 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 382ms
139ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://tc.benefitscanada.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 18:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617, 617, 617, 617, 617, 617, 617, 617
age: 355736
cdn-cachedat: 2021-06-08 14:35:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8f981be5252906a2a2a5b8c13edbe79f
cf-ray: 6bb8844e3c4c7133-YUL
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

23 KB
6 KB

371ms
128ms

Stylesheet
text/css

2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Protocol

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 18:25:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 19987333
cdn-cachedat: 2021-03-10 13:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9de03c320bd826dd854266be13ad082b
cf-ray: 6bb8844e3ab14bbe-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ben-logo.png
tc.benefitscanada.com/T/OFSYS/H/C1024/82/yU4Wi1/ 13 KB
13 KB 283ms
283ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/82/yU4Wi1/ben-logo.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

604c158f824d4593151189384d8282f2d0c7102dbda9f3f87efb30f97f390108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="ben_logo.png";
X-Robots-Tag: noindex
Content-Length: 13396
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-enews-69x69.png
tc.benefitscanada.com/T/OFSYS/H/C1024/85/Q9AarJ/ 3 KB
4 KB 437ms
192ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/85/Q9AarJ/benefits-enews-69x69.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

5e4927f053cb3420477ca168270950f104940cb5eb9fcb0625b26782cbe78cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_enews_69x69.png";
X-Robots-Tag: noindex
Content-Length: 3379
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-breaking-news-69x69.png
tc.benefitscanada.com/T/OFSYS/H/C1024/83/QMAvUq/ 3 KB
4 KB 436ms
154ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/83/QMAvUq/benefits-breaking-news-69x69.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

1ada34fc2b2d41e28982115ba9e28c4a3fda30f690729b4e6fbf2a9daf0a28fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_breaking-news_69x69.png";
X-Robots-Tag: noindex
Content-Length: 3415
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-canada-conference-newsletter-image-small-20170518.png
tc.benefitscanada.com/T/OFSYS/H/C1024/97/nw5Imp/ 5 KB
5 KB 546ms
238ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/97/nw5Imp/benefits-canada-conference-newsletter-image-small-20170518.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

057c2c6900fc85735255d64da820100cb30bac43e8ec6d763f2693e32cf42d7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="benefits-canada-conference-newsletter-image-small-20170518.png";
X-Robots-Tag: noindex
Content-Length: 4744
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-events-69x69.png
tc.benefitscanada.com/T/OFSYS/H/C1024/87/KFndSN/ 4 KB
4 KB 524ms
176ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/87/KFndSN/benefits-events-69x69.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

77f90d3540af12e3e8098a19b3a91b77f87e285514ad2f0e0f983734d1827762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_events_69x69.png";
X-Robots-Tag: noindex
Content-Length: 4150
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-survey-69x69.png
tc.benefitscanada.com/T/OFSYS/H/C1024/95/XYrzwl/ 3 KB
3 KB 522ms
167ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/95/XYrzwl/benefits-survey-69x69.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

6d9f1c0b3cae6e3e1fbb0a416d8993fd0fa3ff530f9d147a383133590e09d53c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_survey_69x69.png";
X-Robots-Tag: noindex
Content-Length: 2919
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-free-content-69x69.png
tc.benefitscanada.com/T/OFSYS/H/C1024/89/lM45G9/ 3 KB
4 KB 270ms
189ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/89/lM45G9/benefits-free-content-69x69.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

686a8c7f29836d3060705a7b28911085a5896407197d0b675ed577aca53e6873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_free-content_69x69.png";
X-Robots-Tag: noindex
Content-Length: 3428
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-special-offers-69x69.png
tc.benefitscanada.com/T/OFSYS/H/C1024/91/I7FO4g/ 5 KB
5 KB 244ms
164ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/91/I7FO4g/benefits-special-offers-69x69.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

784674d9212ec7998bb2dc405479070f69c27e346f1b0d2eae63ce50e05325d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_Special-Offers_69x69.png";
X-Robots-Tag: noindex
Content-Length: 4720
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-sponsored-messages-69x69.png
tc.benefitscanada.com/T/OFSYS/H/C1024/93/2yMbyD/ 4 KB
4 KB 314ms
233ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/93/2yMbyD/benefits-sponsored-messages-69x69.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

4e237dfed58eac33d196eac545afb5783ea4eee5297b96ca62a485ac28a2c33c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_sponsored-messages_69x69.png";
X-Robots-Tag: noindex
Content-Length: 3689
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-enews-600h.png
tc.benefitscanada.com/T/OFSYS/H/C1024/86/OEFB6K/ 59 KB
60 KB 180ms
180ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/86/OEFB6K/benefits-enews-600h.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

84c414e95718c046f8831a46ad9b9eb98459e1c935422df089467ccc3c29248f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_enews_600H.png";
X-Robots-Tag: noindex
Content-Length: 60798
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-breaking-news-600h.png
tc.benefitscanada.com/T/OFSYS/H/C1024/84/90kfyI/ 70 KB
70 KB 146ms
145ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/84/90kfyI/benefits-breaking-news-600h.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

b27ab2e3fce175371bfd19be54969243ab8cc2f178e8e62a9f9b9eba0f1d6a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_breaking-news_600H.png";
X-Robots-Tag: noindex
Content-Length: 71215
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-canada-conference-newsletter-image-20170518.png
tc.benefitscanada.com/T/OFSYS/H/C1024/98/YnN3E0/ 74 KB
74 KB 196ms
196ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/98/YnN3E0/benefits-canada-conference-newsletter-image-20170518.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

94637706f71f6fda37d668b36de53f5011fa1f39fab5ad5d613c0487fe71a2ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="benefits-canada-conference-newsletter-image-20170518.png";
X-Robots-Tag: noindex
Content-Length: 75670
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-events-600h.png
tc.benefitscanada.com/T/OFSYS/H/C1024/88/NEFpgH/ 81 KB
81 KB 131ms
131ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/88/NEFpgH/benefits-events-600h.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

fcd976b9d3769e6a2aad138cb5996e8c6630fa1ca9304e1310b89da464e1fd8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_events_600H.png";
X-Robots-Tag: noindex
Content-Length: 82561
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-survey-600h.png
tc.benefitscanada.com/T/OFSYS/H/C1024/96/ncFYsZ/ 46 KB
47 KB 283ms
283ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/96/ncFYsZ/benefits-survey-600h.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

920897ed000e7be9c2d3fc3d95df56a92a42330ed4e3c719064bcce8e9598df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_survey_600H.png";
X-Robots-Tag: noindex
Content-Length: 47360
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-free-content-600h.png
tc.benefitscanada.com/T/OFSYS/H/C1024/90/aJRflg/ 65 KB
66 KB 138ms
137ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/90/aJRflg/benefits-free-content-600h.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

f4b005cc04d9af7bc9a32f377a057d49c6f8413fe01278b7b25cf5ded8fed808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_free-content_600H.png";
X-Robots-Tag: noindex
Content-Length: 66846
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-special-offers-600h.png
tc.benefitscanada.com/T/OFSYS/H/C1024/92/ojMuYB/ 103 KB
104 KB 91ms
90ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/92/ojMuYB/benefits-special-offers-600h.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

c0c790f59792cd80e28dc304e4889122acecc5538c9e160f8b61ef488b8ebbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:38 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_Special-Offers_600H.png";
X-Robots-Tag: noindex
Content-Length: 105760
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK benefits-sponsored-messages-600h.png
tc.benefitscanada.com/T/OFSYS/H/C1024/94/dfNv54/ 64 KB
64 KB 183ms
182ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/94/dfNv54/benefits-sponsored-messages-600h.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

6cfb2f41059f93ce01bedb28469d0b18f015fe98fa7af87e172ba93a5c711ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:38 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="Benefits_sponsored-messages_600H.png";
X-Robots-Tag: noindex
Content-Length: 65146
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK contex-logo.png
tc.benefitscanada.com/T/OFSYS/H/C1024/4676/ZCc4Cm/ 19 KB
19 KB 298ms
217ms Image
image/png 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/4676/ZCc4Cm/contex-logo.png

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

a13c38a270d29ece6d19306f4bd31281657b1f91aadfc6a4f2448952863a87e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="contex-logo.png";
X-Robots-Tag: noindex
Content-Length: 19317
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H/1.1 200
OK ben-header-bg.jpg
tc.benefitscanada.com/T/OFSYS/H/C1024/81/pRATrg/ 1 KB
2 KB 213ms
133ms Image
image/jpeg 208.91.248.10
RSI-CA-SITE1

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tc.benefitscanada.com/T/OFSYS/H/C1024/81/pRATrg/ben-header-bg.jpg

Requested by

Protocol

HTTP/1.1

Server

208.91.248.10 , Canada, ASN46095 (RSI-CA-SITE1, CA),

Reverse DNS

secure.ofsys.com

Software

/ ASP.NET

Resource Hash

365923ceff4b913dc12ad5e8baa2374acc4b34f9c7b913c5d40f63daf36e94f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: http://tc.benefitscanada.com/T/WF/4426/YZWzJM/Subscription/CL473613/UZnlsX/Form.ofsys?fpid=819933&m32_fp_id=lEPJWS&ctx=newsletter&m32_fp_ctx=DI_MASTER_Relational
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 18:25:37 GMT
Referrer-Policy: same-origin
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Sat, 11 Dec 2021 18:25:37 GMT
Cache-Control: public
X-Content-Type-Options: nosniff
Content-Disposition: filename="ben_header_bg.jpg";
X-Robots-Tag: noindex
Content-Length: 1376
X-Xss-Protection: 1; mode=block
X-Ua-Compatible: IE=Edge

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ 18 KB
18 KB 120ms
119ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Origin: http://tc.benefitscanada.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 18:25:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 625, 617, 617
age: 353914
cdn-cachedat: 2021-06-07 20:53:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18028
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 70981239437f08573f9a195864bfaf61
accept-ranges: bytes
cf-ray: 6bb884506f547133-YUL
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 352ms
105ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2314729-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 222
date: Fri, 10 Dec 2021 18:21:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 10 Dec 2021 20:21:55 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 181ms
87ms XHR
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=319570622&t=pageview&_s=1&dl=http%3A%2F%2Ftc.benefitscanada.com%2FT%2FWF%2F4426%2FYZWzJM%2FSubscription%2FCL473613%2FUZnlsX%2FForm.ofsys%3Ffpid%3D819933%26m32_fp_id%3DlEPJWS%26ctx%3Dnewsletter%26m32_fp_ctx%3DDI_MASTER_Relational&ul=en-us&de=UTF-8&dt=Benefits%20Canada&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1515517126&gjid=636239065&cid=1770779372.1639160738&tid=UA-2314729-4&_gid=611484265.1639160738&_r=1&gtm=2ouc10&z=718189948

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 18:25:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://tc.benefitscanada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 224ms
72ms XHR
text/plain 2607:f8b0:4023:1404::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2314729-4&cid=1770779372.1639160738&jid=1515517126&gjid=636239065&_gid=611484265.1639160738&_u=YEBAAUAAAAAAAC~&z=396802256

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9b Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Dec 2021 18:25:38 GMT
content-type: text/plain
access-control-allow-origin: http://tc.benefitscanada.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 114ms
46ms Image
image/gif 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2314729-4&cid=1770779372.1639160738&jid=1515517126&_u=YEBAAUAAAAAAAC~&z=350888269

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 18:25:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 115ms
42ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2314729-4&cid=1770779372.1639160738&jid=1515517126&_u=YEBAAUAAAAAAAC~&z=350888269

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 18:25:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benefitscanada.com/	1970-01-20 16:50:32	Name: _ga Value: GA1.2.1770779372.1639160738
.benefitscanada.com/	1970-01-19 23:20:47	Name: _gid Value: GA1.2.611484265.1639160738
.benefitscanada.com/	1970-01-19 23:19:20	Name: _gat_gtag_UA_2314729_4 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
stats.g.doubleclick.net
tc.benefitscanada.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
208.91.248.10
2606:4700::6810:125e
2606:4700::6812:acf
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::200a
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80a::2008
2607:f8b0:4006:81e::2003
2607:f8b0:4023:1404::9b
057c2c6900fc85735255d64da820100cb30bac43e8ec6d763f2693e32cf42d7b
1ada34fc2b2d41e28982115ba9e28c4a3fda30f690729b4e6fbf2a9daf0a28fc
365923ceff4b913dc12ad5e8baa2374acc4b34f9c7b913c5d40f63daf36e94f6
3980637d10c8be157e33048db192981d022c22a028fce4f54b77b65c75041c5a
4226ff10d3245ffd45e8a7588603c92c64f44867e08765cebd99dd8c82288b2f
4e237dfed58eac33d196eac545afb5783ea4eee5297b96ca62a485ac28a2c33c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5e4927f053cb3420477ca168270950f104940cb5eb9fcb0625b26782cbe78cec
604c158f824d4593151189384d8282f2d0c7102dbda9f3f87efb30f97f390108
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
686a8c7f29836d3060705a7b28911085a5896407197d0b675ed577aca53e6873
6cfb2f41059f93ce01bedb28469d0b18f015fe98fa7af87e172ba93a5c711ce4
6d9f1c0b3cae6e3e1fbb0a416d8993fd0fa3ff530f9d147a383133590e09d53c
77f90d3540af12e3e8098a19b3a91b77f87e285514ad2f0e0f983734d1827762
784674d9212ec7998bb2dc405479070f69c27e346f1b0d2eae63ce50e05325d5
84c414e95718c046f8831a46ad9b9eb98459e1c935422df089467ccc3c29248f
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
920897ed000e7be9c2d3fc3d95df56a92a42330ed4e3c719064bcce8e9598df7
94637706f71f6fda37d668b36de53f5011fa1f39fab5ad5d613c0487fe71a2ea
a13c38a270d29ece6d19306f4bd31281657b1f91aadfc6a4f2448952863a87e8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b27ab2e3fce175371bfd19be54969243ab8cc2f178e8e62a9f9b9eba0f1d6a37
c0c790f59792cd80e28dc304e4889122acecc5538c9e160f8b61ef488b8ebbb7
c8d8388981b9af3b3f4ce498d46e3a71082d387bed4468ed68946264bcaf79ab
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b005cc04d9af7bc9a32f377a057d49c6f8413fe01278b7b25cf5ded8fed808
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fcd976b9d3769e6a2aad138cb5996e8c6630fa1ca9304e1310b89da464e1fd8a
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

tc.benefitscanada.com Open in urlscan Pro 208.91.248.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

33 Requests

36 %HTTPS

89 %IPv6

9 Domains

9 Subdomains

9 IPs

2 Countries

815 kBTransfer

1139 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tc.benefitscanada.com Open in urlscan Pro
208.91.248.10 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

36 %
HTTPS

89 %
IPv6

9
Domains

9
Subdomains

9
IPs

2
Countries

815 kB
Transfer

1139 kB
Size

3
Cookies

33 HTTP transactions
0 data transactions