canadianbenefits.citrixdata.com Open in urlscan Pro
52.200.24.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9
Submission: On June 25 via api (June 25th 2020, 6:30:57 pm UTC) from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 52.200.24.193, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is canadianbenefits.citrixdata.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 29th 2019. Valid for: a year.

This is the only time canadianbenefits.citrixdata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	52.200.24.193 52.200.24.193	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.241.57.45 35.241.57.45	15169 (GOOGLE) (GOOGLE)
1	143.204.94.76 143.204.94.76	16509 (AMAZON-02) (AMAZON-02)
1	104.225.98.131 104.225.98.131	36236 (NETACTUATE) (NETACTUATE)
1	2607:f740:e61... 2607:f740:e619::1	63911 (NETACTUAT...) (NETACTUATE-AS-AP NetActuate)
13	6

8 52.200.24.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-24-193.compute-1.amazonaws.com

canadianbenefits.citrixdata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.57.45 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.76 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-76.fra50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.225.98.131 (Amsterdam, Netherlands)

ASN36236 (NETACTUATE, US)
PTR: 131.98.225.104.ptr.anycast.net

i2-woqbykixogwayyqfrwkqxbuxbuverq.init.cedexis-radar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f740:e619::1 (United States)

ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US)

rpt.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	citrixdata.com canadianbenefits.citrixdata.com	575 KB
3	cedexis.com 1 redirects radar.cedexis.com rpt.cedexis.com	19 KB
1	cedexis-radar.net i2-woqbykixogwayyqfrwkqxbuxbuverq.init.cedexis-radar.net	1 KB
1	pendo.io cdn.pendo.io	109 KB
0	sf-api.com Failed canadianbenefits.sf-api.com Failed
13	5

	Domain	Requested by
8	canadianbenefits.citrixdata.com	canadianbenefits.citrixdata.com
2	radar.cedexis.com	1 redirects canadianbenefits.citrixdata.com
1	rpt.cedexis.com	radar.cedexis.com
1	i2-woqbykixogwayyqfrwkqxbuxbuverq.init.cedexis-radar.net	radar.cedexis.com
1	cdn.pendo.io	canadianbenefits.citrixdata.com
0	canadianbenefits.sf-api.com Failed	canadianbenefits.citrixdata.com
13	6

This site contains no links.

Subject Issuer	Validity	Valid
*.citrixdata.com DigiCert SHA2 Secure Server CA	`2019-08-29` - `2020-09-28`	a year	crt.sh
radar.cedexis.com Go Daddy Secure Certificate Authority - G2	`2019-06-26` - `2021-08-25`	2 years	crt.sh
cdn.pendo.io DigiCert SHA2 Extended Validation Server CA	`2019-06-04` - `2021-09-02`	2 years	crt.sh
*.init.cedexis-radar.net Go Daddy Secure Certificate Authority - G2	`2019-11-14` - `2022-01-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9
Frame ID: 414E824F381FE0A61B3E9F0A3C608454
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

13
Requests

92 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

705 kB
Transfer

2298 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://radar.cedexis.com/1/55156/radar.js HTTP 302
https://radar.cedexis.com/1571758301/radar.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request f14547f3c53644a9 Show response
canadianbenefits.citrixdata.com/d/ 3 KB
2 KB 14516ms
13596ms Document
text/html 52.200.24.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.200.24.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-24-193.compute-1.amazonaws.com

Software

Resource Hash

8e0671ce5f89b3dec54ec47da287d7556520985a8925ed9bd426a8367a9decef

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-TovX2oYhskDVSYn9yncQyw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: canadianbenefits.citrixdata.com
:scheme: https
:path: /d/f14547f3c53644a9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private,no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: 0
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=4wqdcwirygaenlpr5draxhcn; path=/; secure; HttpOnly SFWEB_SRVNAME=i-044a306ceac228e4d; path=/
x-frame-options: DENY
content-security-policy: style-src 'self' 'unsafe-inline' https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-TovX2oYhskDVSYn9yncQyw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://*.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: same-origin
date: Thu, 25 Jun 2020 18:30:35 GMT
content-length: 1285
x-sf-server: web_new_ssl/i-044a306ceac228e4d_us-east-1b
strict-transport-security: max-age=16000000; includeSubDomains; preload;

GET
H2 200 spinner.css
canadianbenefits.citrixdata.com/css/ 1 KB
793 B 817ms
815ms Stylesheet
text/css 52.200.24.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://canadianbenefits.citrixdata.com/css/spinner.css

Requested by

Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.200.24.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-24-193.compute-1.amazonaws.com

Software

Resource Hash

170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 18:30:35 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 22 Jun 2020 13:03:30 GMT
x-sf-server: web_new_ssl/i-044a306ceac228e4d_us-east-1b
etag: "07da0869548d61:0"
vary: Accept-Encoding
content-type: text/css
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
strict-transport-security: max-age=16000000; includeSubDomains; preload;
accept-ranges: bytes
content-length: 425
x-content-type-options: nosniff

GET
H2 200 ShimSham Show response
canadianbenefits.citrixdata.com/javascript/bundles/ 86 KB
26 KB 817ms
816ms Script
text/javascript 52.200.24.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://canadianbenefits.citrixdata.com/javascript/bundles/ShimSham?v=YI7jcHjDPZWaPuSce2iD-SQbxfrOb_H9fHIMVZ3NddQ1

Requested by

Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.200.24.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-24-193.compute-1.amazonaws.com

Software

Resource Hash

c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 18:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jun 2020 18:30:36 GMT
x-sf-server: web_new_ssl/i-044a306ceac228e4d_us-east-1b
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-length: 25784
x-xss-protection: 1; mode=block
referrer-policy: same-origin
expires: Fri, 25 Jun 2021 18:30:36 GMT

GET
H2 200 index.2971619b014af8597ae9.js Show response
canadianbenefits.citrixdata.com/bundles/ 2 MB
527 KB 823ms
823ms Script
application/javascript 52.200.24.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://canadianbenefits.citrixdata.com/bundles/index.2971619b014af8597ae9.js

Requested by

Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.200.24.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-24-193.compute-1.amazonaws.com

Software

Resource Hash

451776b8e5768df39b98b2c0cc292633f9104c6bca4e333ed259f195b51d2e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 18:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 539199
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Jun 2020 13:06:28 GMT
x-sf-server: web_new_ssl/i-044a306ceac228e4d_us-east-1b
etag: "022b9f09548d61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 spinner.svg
canadianbenefits.citrixdata.com/css/ 1 KB
1 KB 3146ms
3146ms Image
image/svg+xml 52.200.24.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://canadianbenefits.citrixdata.com/css/spinner.svg

Requested by

Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/d/f14547f3c53644a9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.200.24.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-24-193.compute-1.amazonaws.com

Software

Resource Hash

033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadianbenefits.citrixdata.com/css/spinner.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 18:30:37 GMT
referrer-policy: same-origin
last-modified: Mon, 22 Jun 2020 13:03:30 GMT
x-sf-server: web_new_ssl/i-044a306ceac228e4d_us-east-1b
etag: "07da0869548d61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: image/svg+xml
status: 200
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1093
x-content-type-options: nosniff

GET
H2

200

radar.js Show response
radar.cedexis.com/1571758301/
Redirect Chain

https://radar.cedexis.com/1/55156/radar.js
https://radar.cedexis.com/1571758301/radar.js

44 KB
18 KB

76ms
73ms

Script
application/javascript

35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1571758301/radar.js
Requested by: Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/share/view/f14547f3c53644a9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.57.45 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2d4bc9e5c7c94b708122d7e9a538acad6687b959875981d60dac16c4af93a337

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 18:30:44 GMT
content-encoding: gzip
last-modified: Tue, 22 Oct 2019 15:40:21 GMT
server: nginx
etag: W/"5daf22e5-aed4"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1209600, public
alt-svc: clear
via: 1.1 google
expires: Thu, 09 Jul 2020 18:30:44 GMT

Redirect headers

date: Thu, 25 Jun 2020 18:30:44 GMT
via: 1.1 google
server: nginx
status: 302
vary: User-Agent,DNT
content-type: text/html
location: /1571758301/radar.js
cache-control: max-age=600
alt-svc: clear
content-length: 154
expires: Thu, 25 Jun 2020 18:40:44 GMT

GET
H2 200 4ff497990ee4edfc606e.js Show response
canadianbenefits.citrixdata.com/bundles/ 29 KB
10 KB 2910ms
2909ms Script
application/javascript 52.200.24.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://canadianbenefits.citrixdata.com/bundles/4ff497990ee4edfc606e.js

Requested by

Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.200.24.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-24-193.compute-1.amazonaws.com

Software

Resource Hash

434e9fb3373647eba1243f46003c2d1c42fffe9afe692a4b872fc65d12992445

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadianbenefits.citrixdata.com/share/view/f14547f3c53644a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 18:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 9672
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Jun 2020 13:06:28 GMT
x-sf-server: web_new_ssl/i-025a1d1808912b0f4_us-east-1c
etag: "022b9f09548d61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600, private
accept-ranges: bytes

GET
H2 200 86b6358ad654c5c7e000.js Show response
canadianbenefits.citrixdata.com/bundles/ 2 KB
1 KB 2911ms
2910ms Script
application/javascript 52.200.24.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://canadianbenefits.citrixdata.com/bundles/86b6358ad654c5c7e000.js

Requested by

Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.200.24.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-24-193.compute-1.amazonaws.com

Software

Resource Hash

6b1f53c37e4034a55775b3ef2d30acf1d30cfa29dd3b39566af893e54fdefd34

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadianbenefits.citrixdata.com/share/view/f14547f3c53644a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 18:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 868
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Jun 2020 13:06:28 GMT
x-sf-server: web_new_ssl/i-042358b7a1fcb3ed7_us-east-1c
etag: "022b9f09548d61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600, private
accept-ranges: bytes

GET
H2 200 21c6ba61ed050a240d7e.js Show response
canadianbenefits.citrixdata.com/bundles/ 17 KB
7 KB 2911ms
2910ms Script
application/javascript 52.200.24.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://canadianbenefits.citrixdata.com/bundles/21c6ba61ed050a240d7e.js

Requested by

Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/bundles/index.2971619b014af8597ae9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.200.24.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-24-193.compute-1.amazonaws.com

Software

Resource Hash

27b6311698517437efedbc2c49d400fc0baadebf7ad574263cc330629cdc9f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://canadianbenefits.citrixdata.com/share/view/f14547f3c53644a9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 18:30:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
content-length: 6548
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 22 Jun 2020 13:06:28 GMT
x-sf-server: web_new_ssl/i-0f226fc91579f5e8c_us-east-1c
etag: "022b9f09548d61:0"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600, private
accept-ranges: bytes

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/ 343 KB
109 KB 219ms
55ms Script
application/javascript 143.204.94.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/74b07336-7560-45fc-7cd1-95032a784d52/pendo.js
Requested by: Host: canadianbenefits.citrixdata.com
URL: https://canadianbenefits.citrixdata.com/share/view/f14547f3c53644a9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.94.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-76.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 4898ffefa942caced6faf9fdfcde71ca26795021ecfcb9e1e2266ccc3026c2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 18:29:54 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Age: 52
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: *
Last-Modified: Tue, 16 Jun 2020 19:08:08 GMT
Server: UploadServer
ETag: "5d23f9b0310880249c4d08b198fe2c0b"
Vary: Accept-Encoding
x-goog-hash: crc32c=lZzAag==, md5=XSP5sDEIgCScTQixmP4sCw==
x-goog-generation: 1592334488185674
Via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 110794
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-GUploader-UploadID: AAANsUlG2UXrJSsdv42UJleQBSU61S1MRsStu4e_TsmTQaOPHXWvpric-RJRscJM9vdxD0aECkiqHdXEn7QPwILLog
X-Amz-Cf-Id: 8llmUwI2mvpJpGBCCqmXJL7273JEpzjqJeon9AOAs4Wr-Hxz9DFGFg==
Expires: Thu, 25 Jun 2020 18:37:23 GMT

GET
H/1.1 200
Ok providers.json Show response
i2-woqbykixogwayyqfrwkqxbuxbuverq.init.cedexis-radar.net/i2/1/55156/j1/20/119/1593109845/0/0/ 3 KB
1 KB 223ms
72ms XHR
application/json 104.225.98.131
NETACTUATE

General

Check archive.org

Show headers Download Go to

Full URL: https://i2-woqbykixogwayyqfrwkqxbuxbuverq.init.cedexis-radar.net/i2/1/55156/j1/20/119/1593109845/0/0/providers.json?imagesok=1&n=1&p=1&r=1&s=1&t=1
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1571758301/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.225.98.131 Amsterdam, Netherlands, ASN36236 (NETACTUATE, US),
Reverse DNS: 131.98.225.104.ptr.anycast.net
Software: nginx/1.10.3 /
Resource Hash: 6fa7beb63d79ea0f0e004d25a7c4f59e5326d4f616829fa6efebf5f0f7928c42

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 18:30:45 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1

GET Branding
canadianbenefits.sf-api.com/sf/v3/Accounts/ 0
0

GET
H/1.1 200
Ok 1593109836587 Show response
rpt.cedexis.com/n1/0/1593109821245/0/0/0/0/1593109821245/1593109821246/1593109821292/1593109821292/1593109822165/1593109821321/1593109822165/1593109835761/1593109835761/1593109835763/1593109844732/... 16 B
283 B 50ms
13ms XHR
text/plain 2607:f740:e619::1
NETACTUATE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://rpt.cedexis.com/n1/0/1593109821245/0/0/0/0/1593109821245/1593109821246/1593109821292/1593109821292/1593109822165/1593109821321/1593109822165/1593109835761/1593109835761/1593109835763/1593109844732/1593109844732/1593109844732/1593109847662/1593109847662/1593109847663/_CgJqMRAUGHciBggBEPSuAyj90sreAzDV2tP3BTjV2tP3BUDYjK8kShAIAxA1GOzCASAAKO6DgKAEUABaCggAEAAYACAAKABgAWoTYnV0dG9uMy5hbXMuaHYucHJvZIIBEAgDEKsBGLFGIAAo-I2AoASIAcLHpZsGkAEAmAEA/0/1593109836587
Requested by: Host: radar.cedexis.com
URL: https://radar.cedexis.com/1571758301/radar.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f740:e619::1 , United States, ASN63911 (NETACTUATE-AS-AP NetActuate, Inc, US),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 18:30:47 GMT
Server: nginx/1.10.3
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=1
Content-Length: 16

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: canadianbenefits.sf-api.com
URL: https://canadianbenefits.sf-api.com/sf/v3/Accounts/Branding

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			canadianbenefits.citrixdata.com/	1969-12-31 23:59:59	Name: SFWEB_SRVNAME Value: i-0f226fc91579f5e8c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://fonts.googleapis.com; script-src 'self' 'unsafe-inline' 'nonce-TovX2oYhskDVSYn9yncQyw==' https://request.eprotect.vantivcnp.com https://radar.cedexis.com https://c.evidon.com https://www.googletagmanager.com https://www.gstatic.com/recaptcha/ https://.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5352587489443840.storage.googleapis.com https://maps.googleapis.com; frame-ancestors 'none'; report-uri /api/cspviolation
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

canadianbenefits.citrixdata.com
canadianbenefits.sf-api.com
cdn.pendo.io
i2-woqbykixogwayyqfrwkqxbuxbuverq.init.cedexis-radar.net
radar.cedexis.com
rpt.cedexis.com
canadianbenefits.sf-api.com
104.225.98.131
143.204.94.76
2607:f740:e619::1
35.241.57.45
52.200.24.193
033e766a385edf1c3ecf4a7846fbb3f412af940c56a8c2d23af394c24ba8b3b5
170f89d7bca549530c81b3e9d19af00ce907009338a0918be660a0c9d78370dc
27b6311698517437efedbc2c49d400fc0baadebf7ad574263cc330629cdc9f90
2d4bc9e5c7c94b708122d7e9a538acad6687b959875981d60dac16c4af93a337
434e9fb3373647eba1243f46003c2d1c42fffe9afe692a4b872fc65d12992445
451776b8e5768df39b98b2c0cc292633f9104c6bca4e333ed259f195b51d2e70
4898ffefa942caced6faf9fdfcde71ca26795021ecfcb9e1e2266ccc3026c2e3
6b1f53c37e4034a55775b3ef2d30acf1d30cfa29dd3b39566af893e54fdefd34
6fa7beb63d79ea0f0e004d25a7c4f59e5326d4f616829fa6efebf5f0f7928c42
8aed5e340cf6a71108b30bd80e05ea7abfb02b5b9ccf9439cae12382df68d2a4
8e0671ce5f89b3dec54ec47da287d7556520985a8925ed9bd426a8367a9decef
c869aaf363c5a48cfec2264539bed2e3c56f6b204b2234f6242805687315edba

canadianbenefits.citrixdata.com Open in urlscan Pro 52.200.24.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

13 Requests

92 %HTTPS

20 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

705 kBTransfer

2298 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

canadianbenefits.citrixdata.com Open in urlscan Pro
52.200.24.193 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

705 kB
Transfer

2298 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions