Submitted URL: https://www.benefitscanada.com/archives_/benefits-canada
Effective URL: https://www.benefitscanada.com/writer/benefits-canada/
Submission: On December 27 via api from UA — Scanned from PL

Summary

This website contacted 45 IPs in 9 countries across 49 domains to perform 137 HTTP transactions. The main IP is 3.160.150.53, located in United States and belongs to AMAZON-02, US. The main domain is www.benefitscanada.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 9th 2024. Valid for: a year.
This is the only time www.benefitscanada.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 3.160.150.53 16509 (AMAZON-02)
2 142.250.185.100 15169 (GOOGLE)
1 52.92.177.32 16509 (AMAZON-02)
2 208.91.248.5 46095 (RSI-CA-SITE1)
4 142.250.181.234 15169 (GOOGLE)
9 142.250.186.40 15169 (GOOGLE)
2 2.16.164.10 20940 (AKAMAI-AS...)
1 199.232.188.157 54113 (FASTLY)
3 142.250.186.35 15169 (GOOGLE)
1 172.217.16.195 15169 (GOOGLE)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
3 13.107.42.14 8068 (MICROSOFT...)
4 142.250.185.78 15169 (GOOGLE)
4 151.101.2.132 54113 (FASTLY)
3 216.239.32.36 15169 (GOOGLE)
2 3.126.178.73 16509 (AMAZON-02)
1 64.233.166.154 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
10 52.31.218.18 16509 (AMAZON-02)
3 172.217.16.194 15169 (GOOGLE)
1 52.50.226.47 16509 (AMAZON-02)
1 216.58.206.34 15169 (GOOGLE)
24 142.250.185.226 15169 (GOOGLE)
4 142.250.185.225 15169 (GOOGLE)
1 54.195.177.127 16509 (AMAZON-02)
1 104.18.27.193 13335 (CLOUDFLAR...)
1 23.35.236.201 16625 (AKAMAI-AS)
2 2 37.252.171.149 29990 (ASN-APPNEX)
1 3.213.29.127 14618 (AMAZON-AES)
1 3.68.145.123 16509 (AMAZON-02)
1 35.227.252.103 396982 (GOOGLE-CL...)
1 185.64.191.214 62713 (AS-PUBMATIC)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
4 4 46.228.174.117 56396 (Amobee NE...)
1 1 46.228.164.11 56396 (Amobee NE...)
1 1 69.166.1.35 27630 (AS-XFERNET)
1 2 35.168.46.194 14618 (AMAZON-AES)
1 13.248.245.213 16509 (AMAZON-02)
1 52.30.199.206 16509 (AMAZON-02)
1 1 5.196.111.68 16276 (OVH OVH SAS)
1 87.248.119.252 203220 (YAHOO-DEB...)
1 2 35.186.194.101 15169 (GOOGLE)
1 18.184.206.66 16509 (AMAZON-02)
1 35.214.136.108 19527 (GOOGLE-2)
2 2 3.125.196.33 16509 (AMAZON-02)
1 23.32.185.35 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 1 23.212.88.20 16625 (AKAMAI-AS)
1 1 154.54.250.80 26558 (FREEWHEEL)
1 8.2.110.17 46636 (NATCOWEB)
1 15.197.193.217 16509 (AMAZON-02)
2 2 35.213.17.49 15169 (GOOGLE)
3 172.217.16.193 15169 (GOOGLE)
137 45
Apex Domain
Subdomains
Transfer
29 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
322 KB
26 benefitscanada.com
www.benefitscanada.com
692 KB
11 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 3084
tv.springserve.com — Cisco Umbrella Rank: 5002
vid-io-dub.springserve.com — Cisco Umbrella Rank: 33283
10 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
746 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
22 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
209 KB
4 m32.media
rdc.m32.media — Cisco Umbrella Rank: 297305
fastlygeo.m32.media — Cisco Umbrella Rank: 450968
27 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
281 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 513
2 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 rubiconproject.com
mia-placement-server.rubiconproject.com — Cisco Umbrella Rank: 66218
pixel.rubiconproject.com — Cisco Umbrella Rank: 419
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
966 B
2 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 8453
844 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 4295
949 B
2 smartclip.net
sync.sxp.smartclip.net — Cisco Umbrella Rank: 8138
701 B
2 tremorhub.com
pbs.publishers.tremorhub.com — Cisco Umbrella Rank: 6805
533 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
2 KB
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 570
image8.pubmatic.com — Cisco Umbrella Rank: 684
42 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
22 KB
2 ofsys.com
t.ofsys.com — Cisco Umbrella Rank: 290201
41 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
149 B
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 4597
60 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
914 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1071
709 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1684
163 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 393
183 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 530
58 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
160 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 775
356 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 576
35 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 429
140 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 915
675 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246
526 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 959
434 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 665
929 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 552
267 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 2720
44 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1532
192 B
1 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1646
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1533
1 google.pl
www.google.pl — Cisco Umbrella Rank: 28032
408 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
723 B
1 t.co
t.co — Cisco Umbrella Rank: 904
628 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
1 amazonaws.com
s3.us-west-2.amazonaws.com
40 KB
0 richaudience.com Failed
sync.richaudience.com Failed
0 advertising.com Failed
pixel.advertising.com Failed
137 49
Domain Requested by
26 www.benefitscanada.com 1 redirects www.benefitscanada.com
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.benefitscanada.com
pagead2.googlesyndication.com
9 www.googletagmanager.com www.benefitscanada.com
www.googletagmanager.com
www.google-analytics.com
7 vid-io-dub.springserve.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 fonts.googleapis.com www.benefitscanada.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
3 sync.1rx.io 3 redirects
3 securepubads.g.doubleclick.net rdc.m32.media
securepubads.g.doubleclick.net
3 sync.springserve.com s3.us-west-2.amazonaws.com
3 rdc.m32.media www.benefitscanada.com
www.googletagmanager.com
rdc.m32.media
3 px.ads.linkedin.com snap.licdn.com
www.benefitscanada.com
3 fonts.gstatic.com fonts.googleapis.com
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 y.one.impact-ad.jp 2 redirects
2 ih.adscale.de 2 redirects
2 sync.sxp.smartclip.net 1 redirects
2 pbs.publishers.tremorhub.com 1 redirects
2 ib.adnxs.com 2 redirects
2 d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 mia-placement-server.rubiconproject.com s3.us-west-2.amazonaws.com
2 region1.google-analytics.com www.googletagmanager.com
2 snap.licdn.com www.benefitscanada.com
snap.licdn.com
2 t.ofsys.com www.benefitscanada.com
2 www.google.com www.benefitscanada.com
www.googletagmanager.com
1 match.adsrvr.org
1 sync.admanmedia.com
1 ads.stickyadstv.com 1 redirects
1 cs.media.net 1 redirects
1 pixel.rubiconproject.com
1 sync.teads.tv
1 x.bidswitch.net
1 match.sharethrough.com
1 ups.analytics.yahoo.com
1 ssbsync.smartadserver.com 1 redirects
1 ads.yieldmo.com
1 eb2.3lift.com
1 sync.go.sonobi.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 bh.contextweb.com 1 redirects
1 image8.pubmatic.com
1 rtb.openx.net
1 cs.emxdgt.com
1 sync.bfmio.com
1 ads.pubmatic.com www.benefitscanada.com
1 ssum.casalemedia.com www.benefitscanada.com
1 rtb.gumgum.com www.benefitscanada.com
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 tv.springserve.com s3.us-west-2.amazonaws.com
1 fastlygeo.m32.media rdc.m32.media
1 www.google.pl www.benefitscanada.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 analytics.twitter.com www.benefitscanada.com
1 t.co www.benefitscanada.com
1 www.gstatic.com www.google.com
1 static.ads-twitter.com www.benefitscanada.com
1 s3.us-west-2.amazonaws.com www.benefitscanada.com
0 sync.richaudience.com Failed
0 pixel.advertising.com Failed
137 61
Subject Issuer Validity Valid
avatar.tcmediasaffaires.com
Amazon RSA 2048 M03
2024-12-09 -
2026-01-06
a year crt.sh
*.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01
2024-11-14 -
2025-11-11
a year crt.sh
t.ofsys.com
RapidSSL TLS RSA CA G1
2024-04-03 -
2025-04-06
a year crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2024-12-02 -
2025-12-01
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
t.co
E6
2024-11-26 -
2025-02-24
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-19 -
2025-08-18
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
*.m32.media
Sectigo RSA Domain Validation Secure Server CA
2024-11-21 -
2025-12-22
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google.pl
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.springserve.com
Amazon RSA 2048 M02
2024-08-27 -
2025-09-25
a year crt.sh
adtrafficquality.google
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M03
2024-07-02 -
2025-08-01
a year crt.sh
casalemedia.com
E5
2024-12-11 -
2025-03-11
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2024-11-27 -
2025-11-30
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2024-02-15 -
2025-03-14
a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M03
2024-04-02 -
2025-05-01
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2024-08-14 -
2025-08-18
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-11
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M02
2024-03-04 -
2025-04-03
a year crt.sh
sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-11-22 -
2025-05-21
6 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-07-15 -
2025-08-15
a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-11-29 -
2025-02-23
3 months crt.sh
teads.tv
R10
2024-11-25 -
2025-02-23
3 months crt.sh
*.admanmedia.com
Sectigo RSA Domain Validation Secure Server CA
2024-05-15 -
2025-05-15
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
tpc.googlesyndication.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh

This page contains 11 frames:

Primary Page: https://www.benefitscanada.com/writer/benefits-canada/
Frame ID: BB50E95556F0E34FA55A6AD1A7B20CB6
Requests: 106 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.benefitscanada.com
Frame ID: 689AC208FFCF656E871E0D464BE365AA
Requests: 1 HTTP requests in this frame

Frame: https://d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D33B93C8B9BF5C613FB09ECCE7BCBF0A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D
Frame ID: 2EC12EAF98553678FBAD36C08B3D7883
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=191709&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D
Frame ID: FC90ACD5E547F35C76624E16C5333B55
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=&predirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D
Frame ID: 99BA56C33DD923A37FB250891E6675F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssXPU-c9fiyBuP24_dIRf1cPo_DKqTwwH6eBIa9gBfV_etmQhZmCQAtUkt367VZUwCg0dcEjQIWAtLRhnYQIi9gIqd_wpE9wPP8muGdAuVYzC8LmkYnTB5DKaV4ICP3APzPwvdIkmqGajfqngm8ilR_soeoGN8ScmHN___qlHx2dO36UFBX-P9mNrDuV3yfUwKvGp5IycPZENDVLu7OP1oLRchfjdon2l6INO0M7R5jZ7vQmvQod7aC9BsPsVNQyM-0U8IFZORyi7LS9x_6rStEUeXRa3cS9fmzADHqk2-4swhtTFbbiYnd27TLbHJXlJmyShRdakL4OhgPXkhaqwl2LXfrv9Y6nOI7FnZG_9jTRDqS3n_rRvbHBtfdreJu2mMBdIAHDKWhIlg_txv8ramZ5UTJXG5uwSIoPhqwgCe9D6efvLF1v-4NkNMQFcPRRGLOfNMWDfm2UlJEcB0j4HsjWg&sig=Cg0ArKJSzLyR1NB2jXpuEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6E39457E5727A95A476A69ACC9B4595C
Requests: 10 HTTP requests in this frame

Frame: https://d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6110E45EFA8E5711AE176A8CA8854CBF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstnaUvZtp6VLM1XB7T4Lk1acgwLzVKH_FJXN0Bu65XlcslILPC5cVvOy9_vU4Jrfgu1wpRnPyzArcBYjrJcFLkR4GafTtgan9Z7Jk-3VN-zQfX-FKl5BGOb7rNBcT8EAAT4hc1zSCbBMBC_I6DSwqWQKssyGnZUsv9rmJralxT0c_9tVM0sY3hwU0UMJwQ12nTrkVkPonUijQ_958L7vxc5kO_oWKnBV56waUj6UQrEq2ZSMpus5_6A75LqRXht_UGuVAABdR1fbekdLSe4p1xQTBs_rTOl1eQIsRz7qNYG4lxQ4sg1M-MMHvhA12LBEilAkvqb5DjNxA_-FoSPOHvWSBAsMguY0HWquQx2AZUtEWrziKbkGXe7rUjtaxwvCHs6EGw_cXrXFsb3xi5oeaVISzJQQePJWk3__K7396ubao_lX9fcAUn7mKJh15y-A1urmPg&sig=Cg0ArKJSzFswLjXjcaeAEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 49FAFC93C1B4404398C0126827FF2A56
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsutaonnfhsTLJUTW3GpvR4UNq3cJTLbYCKKbMQXdyV9IkqypMrQiLAia8Ul0Ads03MXBgoNF8q7jKuO6FUe-Ci7Xq_DOF4FGcWpWMN929fIbDTDBdGFD0usSKh0PVt4Y9FAoKhwdnN0VcpN7ADdyq38QxGiMsWOKJ7k3xj2H6tBJrJjuUlH1T3FI_k_2icwfGCi1T7q0KaOVKgRiTHYP-CeMHmcgN4xyzlBFfGmBrmNUzg9jvDq4us3izTwy11GZsbVccmSM8Z0Clg8QRlIEzq6dYnRUCd9RwzVXdwg5eHo_7yfv6Ebwo_RQG2G8KYVm9zynu5ensf42kOJHPcw7vxWYh00X0HF3wsQ6DuF8_TI9hfhcCG-JkTk3TK2rSa2Bf9d043ObmNy5xE4yeLhwH2hxiuoYnIJz0YORvZO0OMX2DFSigCRjiOFL8DdJjSSnQz49YM&sig=Cg0ArKJSzMQQ8whUViL2EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 846EB6F2395DEBA5F0F8376FCCBAD739
Requests: 9 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 320293D1043D2A2C1F7E9BEB432CA9D0
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Benefits Canada | Benefits Canada.com

Page URL History Show full URLs

  1. https://www.benefitscanada.com/archives_/benefits-canada HTTP 301
    https://www.benefitscanada.com/writer/benefits-canada/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

137
Requests

90 %
HTTPS

0 %
IPv6

49
Domains

61
Subdomains

45
IPs

9
Countries

2458 kB
Transfer

6658 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.benefitscanada.com/archives_/benefits-canada HTTP 301
    https://www.benefitscanada.com/writer/benefits-canada/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvid-io-dub.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D0%2526gdpr_consent%253D0%2526us_privacy%253D%2526uuid%253D%2524UID HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=0&us_privacy=&uuid=8204807367830100456
Request Chain 85
  • https://bh.contextweb.com/rtset?gdpr=0&gdpr_consent=0&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=0&us_privacy=&uuid=hXOJ6aWSwkIX&ev=1&us_privacy=&gdpr_consent=0&pid=561910&gdpr=0
Request Chain 86
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D&cb=1735298784121 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&id=RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003&rndcb=3073989508 HTTP 302
  • https://sync.1rx.io/usersync/turn/3031319725204927714?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003?redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3DRX-03d708ee-3e19-4e46-a72c-47e102cb4783-003 HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=0&gdpr_consent=0&us_privacy=&uuid=RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003
Request Chain 87
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=0&us_privacy=&loc=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5BUID%5D HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=0&us_privacy=&uuid=6359173f-99fc-431c-a396-9c9691a6844e
Request Chain 88
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5Btvid%5D
Request Chain 91
  • https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=0&gdpr_consent=0&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=5734696040016866960
Request Chain 93
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=0 HTTP 302
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=0&ang_testid=1
Request Chain 96
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=0&tpid=22144&cburl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=0&tpid=22144&cburl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D__STROEER_USER_ID__&nut&uu=3537715cdaf0494f9cef036dbf00a35d HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3537715cdaf0494f9cef036dbf00a35d
Request Chain 99
  • https://cs.media.net/cksync?cs=60&type=ss&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000026%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%3Cvsid%3E HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000026&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3783003850243573000V10
Request Chain 101
  • https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=0&_fw_gdpr_consent=0&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000028&uuid=f6378a886f4ce240ba75ed1c6517f3bd&gdpr=0&0=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=0&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Request Chain 104
  • https://y.one.impact-ad.jp/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000031&gdpr=0&gdpr_consent=0&us_privacy=&uuid=f93aeeb1-c7e0-474a-992b-5533e4331f17

137 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.benefitscanada.com/writer/benefits-canada/
Redirect Chain
  • https://www.benefitscanada.com/archives_/benefits-canada
  • https://www.benefitscanada.com/writer/benefits-canada/
87 KB
16 KB
Document
General
Full URL
https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 / PHP/7.1.33
Resource Hash
7f2bf860f43b7667e06aa5c943990f44cd77c2fe0cc1f3c847758b4ce88faf8b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
max-age=0
content-encoding
gzip
content-length
16414
content-type
text/html; charset=UTF-8
date
Fri, 27 Dec 2024 11:26:20 GMT
expires
Fri, 27 Dec 2024 11:26:20 GMT
last-modified
Fri, 27 Dec 2024 11:25:25 GMT
server
Apache/2.4.61 (Amazon) PHP/7.1.33
vary
Accept-Encoding
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
x-amz-cf-id
Po7_jyXLK6-V75FTeTnszOXKZGefxUThsHicQ8Fnd2o-uTg39sohAg==
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
x-powered-by
PHP/7.1.33

Redirect headers

access-control-allow-origin
*
age
55
cache-control
max-age=3600
content-length
1
content-type
text/html; charset=UTF-8
date
Fri, 27 Dec 2024 11:25:24 GMT
expires
Fri, 27 Dec 2024 12:25:24 GMT
location
https://www.benefitscanada.com/writer/benefits-canada/
server
Apache/2.4.61 (Amazon) PHP/7.1.33
vary
Accept-Encoding
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
x-amz-cf-id
YsQnRJfsM4IeY8eze5zwrS2D5HLGhW7BuN27HZB0wRtDXjbXHqPYbA==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-powered-by
PHP/7.1.33
vendors.min-1.0.2.css
www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/assets/css/
164 KB
29 KB
Stylesheet
General
Full URL
https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/assets/css/vendors.min-1.0.2.css
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
b59668075b67f78c188d4186567ebc8077567486445d17c65c4ea836ffa0ac42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

content-encoding
gzip
age
51543
expires
Fri, 26 Dec 2025 21:07:17 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
ZdrgXjVN2dbIG3GW28LOgLsqjRPhBYxG7eAem615fW1ZwPQNG7hSaw==
date
Thu, 26 Dec 2024 21:07:17 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 30 May 2024 17:58:30 GMT
vary
Accept-Encoding
cache-control
max-age=31536000, public
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
29529
x-amz-cf-pop
FRA60-P7
server
Apache/2.4.61 (Amazon) PHP/7.1.33
style-2.4.css
www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/
532 KB
74 KB
Stylesheet
General
Full URL
https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/style-2.4.css
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
07ff015d1a1147e70fdc0f24cbc4077a8094d902309544eddc6722e462b6e853

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
age
387
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
expires
Sat, 27 Dec 2025 11:19:52 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
V7YdQAnwLhxvCkTGs6WtZ7NzZxM1mFDRUi5txn3taL3dX9_rVAtAiw==
date
Fri, 27 Dec 2024 11:19:52 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 30 May 2024 17:58:30 GMT
server
Apache/2.4.61 (Amazon) PHP/7.1.33
x-amz-cf-pop
FRA60-P7
vary
Accept-Encoding
style-1.1.7.css
www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-be/
8 KB
3 KB
Stylesheet
General
Full URL
https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-be/style-1.1.7.css
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
ff823a9edbf91a5cc0df894573f186edcb29d38381311aa9e27b2741b95b3795

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

cache-control
max-age=31536000, public
content-encoding
gzip
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
expires
Sat, 27 Dec 2025 11:26:20 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
2336
x-amz-cf-id
Snuivp1ynN2pEs3D7YUqnuYrhJETd6cMyH-m3O3LskacgVPPG0qsjQ==
date
Fri, 27 Dec 2024 11:26:20 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 30 May 2024 17:58:30 GMT
server
Apache/2.4.61 (Amazon) PHP/7.1.33
x-amz-cf-pop
FRA60-P7
vary
Accept-Encoding
jquery-1.12.4.js
www.benefitscanada.com/wp-content/cache/busting/7/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://www.benefitscanada.com/wp-content/cache/busting/7/wp-includes/js/jquery/jquery-1.12.4.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

content-encoding
gzip
age
71628
expires
Sat, 25 Jan 2025 15:32:31 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
mzr3OYDSP-jVe1fQKmRXr6drbpiP5qi1gr9bx0WZST-kW-lKN-5Vtw==
date
Thu, 26 Dec 2024 15:32:31 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 30 May 2024 17:58:30 GMT
vary
Accept-Encoding
cache-control
max-age=2592000, public
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
33766
x-amz-cf-pop
FRA60-P7
server
Apache/2.4.61 (Amazon) PHP/7.1.33
jquery-migrate.min-1.4.1.js
www.benefitscanada.com/wp-content/cache/busting/7/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://www.benefitscanada.com/wp-content/cache/busting/7/wp-includes/js/jquery/jquery-migrate.min-1.4.1.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

content-encoding
gzip
age
22452
expires
Sun, 26 Jan 2025 05:12:09 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
iA2DPLx6FrZ-s19wvJResU2xyPI2u9luTic436gkbgYshhwR49pf5g==
date
Fri, 27 Dec 2024 05:12:09 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 30 May 2024 17:58:30 GMT
vary
Accept-Encoding
cache-control
max-age=2592000, public
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
4014
x-amz-cf-pop
FRA60-P7
server
Apache/2.4.61 (Amazon) PHP/7.1.33
api.js
www.google.com/recaptcha/
1 KB
966 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
ESF /
Resource Hash
258a7d87e72b96aa2cb3d05130f52e0660ec1d07fb88147f8583c05c14fab392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 27 Dec 2024 11:26:21 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
pub.js
s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/
39 KB
40 KB
Script
General
Full URL
https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.92.177.32 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
2594d4b330d2cce12d75540e7535d674155fd072dbf0cd9051124cec391710c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

x-amz-id-2
AYmLW0l03ujL1aIeVDYWqLRD+78oCggNiHpmOS+/XY4UX5b2adKl/UzMpGUvxpRonusJU/dVBT8=
ETag
"53a068f8aa462482f065a4a31d34bb2e"
x-amz-request-id
BP3N00H3720D3JTF
Accept-Ranges
bytes
Content-Length
40274
Date
Fri, 27 Dec 2024 11:26:22 GMT
Last-Modified
Thu, 12 Dec 2024 16:56:14 GMT
Content-Type
text/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
Benefits_logo-1.png
www.benefitscanada.com/wp-content/uploads/sites/7/2023/07/
49 KB
49 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2023/07/Benefits_logo-1.png
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea0ae4fae8924dd26f897ee18cb3b8477306b682a8d7a758abd8da7fb55c1cb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
nYg8YYVHQ4iwjwqbnm6AdBuSDlc4tNkJ
etag
"668ea174228fb803e42d7a6e210e18df"
age
17027
expires
Tue, 09 Jul 2024 13:32:19 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
RO8LnDzI3qDqbg6xkRItcEnrMHGrVgyR58xFOQcPTTi_TMgtSmBKlg==
date
Fri, 27 Dec 2024 06:42:34 GMT
content-type
image/png
vary
accept-encoding
last-modified
Mon, 10 Jul 2023 13:32:20 GMT
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
50083
x-amz-cf-pop
FRA60-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
Banner-Widget-Ad_-Drug-Report_2024_EN.jpg
www.benefitscanada.com/wp-content/uploads/sites/7/2024/12/
53 KB
54 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2024/12/Banner-Widget-Ad_-Drug-Report_2024_EN.jpg
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e167dc251881987ee75529e941a9ae0a02ef0df1e89ec7c68371bd08102bd434

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
415xIiZ_HsRYPAGZk72oq2vf7R6Hfzki
etag
"5c6677d0be5e4d8330d89062a4a0b52b"
age
435083
expires
Fri, 05 Dec 2025 13:38:05 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
dHg_EonKzY13htPhpkGCHH-WdKkqQefGn2lAns0E0HXoX2UMzB5DRw==
date
Sun, 22 Dec 2024 10:34:58 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Thu, 05 Dec 2024 13:38:06 GMT
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
54589
x-amz-cf-pop
FRA60-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
FoW-2024-assets-ads_HomepageWidget-RTR.jpg
www.benefitscanada.com/wp-content/uploads/sites/7/2024/12/
64 KB
64 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2024/12/FoW-2024-assets-ads_HomepageWidget-RTR.jpg
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fcc88665542ce8e1896e32253a821bd29130033649553ce8b90f7da0b3993c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
RnYnWUqN8mI.omr8.PoyD06c3zdmFE0d
etag
"56637d843c8db48f0867b0fd475e95ce"
age
182572
expires
Wed, 10 Dec 2025 15:21:42 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Qy3vHAfzlzEXH-1q0d91o3DqLK-Gef4V3IXGiANemfMCdSVfjPGFVQ==
date
Wed, 25 Dec 2024 08:43:29 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Tue, 10 Dec 2024 15:21:43 GMT
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
65311
x-amz-cf-pop
FRA60-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
CAP2024_Homepage-Widget2.jpg
www.benefitscanada.com/wp-content/uploads/sites/7/2024/11/
48 KB
49 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2024/11/CAP2024_Homepage-Widget2.jpg
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b63747ef28e7986008f9a9c7e7150e7e8a2120471e5bef415a987a474f4af53c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
pFzkCiQRZ7JJvkpbxgLsY_gbRvuFJIqz
etag
"478ffcd396d77babe9b83bd1a65eb0a1"
age
182572
expires
Wed, 10 Dec 2025 15:57:01 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
7TdDwI76B15KxBGWfJaMJrh1lvfLjV3X2IkpMRZVavR_KdSHk42fiw==
date
Wed, 25 Dec 2024 08:43:29 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Tue, 10 Dec 2024 15:57:02 GMT
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
49257
x-amz-cf-pop
FRA60-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
PSGC-345x150-v2.jpg
www.benefitscanada.com/wp-content/uploads/sites/7/2024/11/
23 KB
24 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2024/11/PSGC-345x150-v2.jpg
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7688da38c7dd3e2c8876bae066a9e763bbf45247723458aa0174c3d9a2b5a796

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
ZBCZJUiTbngQqy6.YFzTz8BTO2DGor1B
etag
"8c490733d88debe531f90045a850c2bb"
age
201843
expires
Wed, 03 Dec 2025 16:59:17 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
zM75n64cNlpBIh_XyEnDbfN-uj_f6HMWQpC4XLKhLJhhWNT_b8dsSw==
date
Wed, 25 Dec 2024 03:22:18 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Tue, 03 Dec 2024 16:59:18 GMT
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
23898
x-amz-cf-pop
FRA60-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
BCHS-Report-2024-ENG-homepage-widget-345x150.jpg
www.benefitscanada.com/wp-content/uploads/sites/7/2024/05/
30 KB
31 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2024/05/BCHS-Report-2024-ENG-homepage-widget-345x150.jpg
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c62255a9595ac60ffffcb56b75fa9848fcac7e339d230f6e78bad651ed63c3a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
ldXwP_.P4AfTMjZr0o4YHnhXi7r8AhIV
etag
"5d5dfd5122cf5ce8f81b8f37f83d70a6"
age
182573
expires
Wed, 03 Dec 2025 17:03:21 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
OXOKdoZndstdsmqEhsamAZAsQgLXcmlq9LepAJ4wqUpbv_14UgR02Q==
date
Wed, 25 Dec 2024 08:43:29 GMT
content-type
image/jpeg
vary
accept-encoding
last-modified
Tue, 03 Dec 2024 17:03:22 GMT
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
31111
x-amz-cf-pop
FRA60-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
2024-Money-Managers-ready_widget-viewdirectory.png
www.benefitscanada.com/wp-content/uploads/sites/7/2020/12/
56 KB
57 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2020/12/2024-Money-Managers-ready_widget-viewdirectory.png
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68bf4e40e33fb95ebe16b7d4335a7b46cd28d446d0beff0f900c6ff15550c3be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
PgzTNGGQ4pGvtl10BlNHmhZAzAd5KKHC
etag
"a3c0c3300a309c0aab39364a80b7f1e7"
age
363199
expires
Tue, 18 Nov 2025 18:20:38 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
BQgTmX9DhNpLadBBopx3RgmBqbbGO5zsq8UnKHLDC4oKPP7XCO0y8g==
date
Mon, 23 Dec 2024 06:33:03 GMT
content-type
image/png
vary
accept-encoding
last-modified
Mon, 18 Nov 2024 18:20:39 GMT
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
57478
x-amz-cf-pop
FRA60-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
LOGO-Acquizition-blanc.png
www.benefitscanada.com/wp-content/uploads/sites/7/2023/06/
6 KB
6 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2023/06/LOGO-Acquizition-blanc.png
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59dad5a09fa6be9c1a998f2a899ef182de3e1d204d5b2e5dd72c41b6317d1995

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
XP4mxuzIBu9ws9PGkgOGMm11iC8rxxFX
etag
"863295195815740554439e9d700dbc2d"
age
115544
expires
Wed, 05 Jun 2024 13:51:46 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
8S17UGJCbFsbU_A283PM9PGoXBUayjm5KI4T06wT7Ye8mZRRuodsOA==
date
Thu, 26 Dec 2024 03:20:38 GMT
content-type
image/png
vary
accept-encoding
last-modified
Tue, 06 Jun 2023 13:51:47 GMT
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6075
x-amz-cf-pop
FRA60-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
Avantages_2012w.png
www.benefitscanada.com/wp-content/uploads/sites/7/2019/06/
7 KB
7 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2019/06/Avantages_2012w.png
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14466f041b4b990865284bd6eb409aed61ebf2fa42ae0dbc3b467ab95146d71c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
null
etag
"451e6e18eafdc309d1237697344fde13"
age
92824
expires
Thu, 25 Jun 2020 13:06:42 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
LdFoJ_QbwTpdm8eH8WR_OfYQ3_5obxP47yxEhGc0E1jAOrQY44seEA==
date
Thu, 26 Dec 2024 09:39:18 GMT
content-type
image/png
last-modified
Wed, 26 Jun 2019 13:06:43 GMT
vary
accept-encoding
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6948
x-amz-cf-pop
FRA60-P7
server
AmazonS3
BenefitsCanada-Logo-White.png
www.benefitscanada.com/wp-content/uploads/sites/7/2019/08/
7 KB
7 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2019/08/BenefitsCanada-Logo-White.png
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f42cfa3c8ef87f84cbf220cab248f0c451f3ac31411e0240f1f3cf4bd2e85c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
null
etag
"1796a1f8e64abf557181b1ba1743e398"
age
201844
expires
Wed, 12 Aug 2020 16:51:05 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
KX2zP6A9lpTyOxLphvAKNxsq0AsdgXMS-V1Y29FdhdhfBC9BlXw1oA==
date
Wed, 25 Dec 2024 03:22:18 GMT
content-type
image/png
last-modified
Tue, 13 Aug 2019 16:51:06 GMT
vary
accept-encoding
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
7141
x-amz-cf-pop
FRA60-P7
server
AmazonS3
CIIN-logo.png
www.benefitscanada.com/wp-content/uploads/sites/7/2019/09/
57 KB
58 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2019/09/CIIN-logo.png
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9ad5f2249841dc7d21706f582f33dc92bfd3629abe38db96a02226bf45fa003

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

cache-control
max-age=31536000
etag
"58c1ef865c9fff36ffdcc4c8e5956df8"
x-amz-version-id
null
age
531548
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
expires
Thu, 03 Sep 2020 17:51:07 GMT
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
58456
x-amz-cf-id
xnw5VNNhIw4HKcUvkKo2fzK-MEHT8xMsGDeQwTVRvJuHKlkNV7hH_Q==
date
Sat, 21 Dec 2024 07:47:14 GMT
content-type
image/png
last-modified
Wed, 04 Sep 2019 17:51:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
CIR_Logo_Horizontal_CMYK_white.png
www.benefitscanada.com/wp-content/uploads/sites/7/2019/09/
20 KB
21 KB
Image
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/2019/09/CIR_Logo_Horizontal_CMYK_white.png
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e81f118d334e426146c5b6e3c672d89309e45d448e35f9e0c8f28c0c82f8cc1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
null
etag
"d183acd54411b3523b3d238f1c087779"
age
465879
expires
Tue, 08 Sep 2020 17:28:15 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
8nxRJ_BaPslrU016dybukFCVPRQXMINKd6fV0pvP31kHxak5Sti2ZA==
date
Sun, 22 Dec 2024 02:01:43 GMT
content-type
image/png
last-modified
Mon, 09 Sep 2019 17:28:16 GMT
vary
accept-encoding
cache-control
max-age=31536000
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
20654
x-amz-cf-pop
FRA60-P7
server
AmazonS3
DI.Journey-min.js
t.ofsys.com/js/Journey/1/AAQAAGxhWkhJcHscAABORDBkbnhKAgAA/
41 KB
41 KB
Script
General
Full URL
https://t.ofsys.com/js/Journey/1/AAQAAGxhWkhJcHscAABORDBkbnhKAgAA/DI.Journey-min.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.91.248.5 , Canada, ASN46095 (RSI-CA-SITE1, CA),
Reverse DNS
smtp.repsolution.com
Software
/
Resource Hash
5b0fd74211eef1d87a6250d7f038e478369c43e77c0c3c4115cd29503daaf13f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
max-age=900
date
Fri, 27 Dec 2024 11:26:20 GMT
etag
"56063464"
content-type
application/javascript
server
sow-image-default-31c423e8ff7c.css
www.benefitscanada.com/wp-content/uploads/sites/7/siteorigin-widgets/
332 B
712 B
Stylesheet
General
Full URL
https://www.benefitscanada.com/wp-content/uploads/sites/7/siteorigin-widgets/sow-image-default-31c423e8ff7c.css
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02e6ce06aa80e54396627815bf290251527c866c95af067359f5ef70027fe16f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

x-amz-version-id
Q9LWZQ1sUv9B0nutYdkutHhdhtlEIyxH
etag
"2b9b5a5228757a3216b154ee13b9f3d5"
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
RefreshHit from cloudfront
content-length
332
x-amz-cf-id
VOLr_lSS_hi-6pLLEx_vFHTBYzzJ8ThHqdolYe_znNGyr2JeKG1oEQ==
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
text/css
last-modified
Mon, 16 Aug 2021 17:14:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
vary
accept-encoding
front-flex.min-2.15.0.css
www.benefitscanada.com/wp-content/cache/busting/7/wp-content/plugins/siteorigin-panels/css/
1 KB
927 B
Stylesheet
General
Full URL
https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/plugins/siteorigin-panels/css/front-flex.min-2.15.0.css
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
9043986fde648c179ce63d202242b956fe5bae1cbba32612c721e28aeeae65ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

content-encoding
gzip
age
17028
expires
Sat, 27 Dec 2025 06:42:33 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
G3YlB43qlQUpAXeLjC-0Cavd4vUKOasl1yKbgmytLTpcQq5h0eguLQ==
date
Fri, 27 Dec 2024 06:42:33 GMT
content-type
text/css; charset=utf-8
last-modified
Thu, 30 May 2024 17:58:30 GMT
vary
Accept-Encoding
cache-control
max-age=31536000, public
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
485
x-amz-cf-pop
FRA60-P7
server
Apache/2.4.61 (Amazon) PHP/7.1.33
vendors.min.js
www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/javascripts/
76 KB
21 KB
Script
General
Full URL
https://www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/javascripts/vendors.min.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
fad6921438493bdaccf27caa773ed5a79e7a1498b4c8d1a23ccb620e6d8c4dbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

content-encoding
gzip
age
22452
expires
Sun, 26 Jan 2025 05:12:09 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
17PQNbaRFSquOTe2hNbKrSqBn7i5QnzFmKTcWCZ7xVL6C3n7wKjQVw==
date
Fri, 27 Dec 2024 05:12:09 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 15:26:06 GMT
vary
Accept-Encoding
cache-control
max-age=2592000, public
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
21266
x-amz-cf-pop
FRA60-P7
server
Apache/2.4.61 (Amazon) PHP/7.1.33
main.min.js
www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/javascripts/
12 KB
4 KB
Script
General
Full URL
https://www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/javascripts/main.min.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
ee30dfefc3b21776329dcdcc03bd10c08b79afadcae7dfbd2df9bad0319767fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

content-encoding
gzip
age
387
expires
Sun, 26 Jan 2025 11:19:54 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
9GfaIzb5i0kC6yvfDVZSpXl9HbutJ4XhJAQ_EdAZOyt51M4YYAvsyA==
date
Fri, 27 Dec 2024 11:19:54 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 15:26:06 GMT
vary
Accept-Encoding
cache-control
max-age=2592000, public
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
3766
x-amz-cf-pop
FRA60-P7
server
Apache/2.4.61 (Amazon) PHP/7.1.33
css
fonts.googleapis.com/
7 KB
850 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/style-2.4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
7eecf8c320d4d1920c95d44aca1c8a01fc0cb1905bf0101168ae27cc3ce4af75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 27 Dec 2024 11:15:44 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
10 KB
996 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Tinos:400,400i,700,700i
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/style-2.4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
ae311b8c4eb7ed5fe00bf8ec810b91abfa620a1f80529e9223573e5eb653d013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 27 Dec 2024 11:26:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/style-2.4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
32f95e06752eed31f536332c3d257e10241239d70e322c54bfa75faaba09ab53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 27 Dec 2024 11:04:13 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
3 KB
546 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/style-2.4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
9c6300006e335b8dcf2356e3a233ed56756c451d43d324dc76d5c4d92e70d9b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 27 Dec 2024 11:26:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/
231 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KX3CRJW
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
de454974348d52e58388ed39043e269d47893dbfdb5eabcccc6f5e39f91536c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
82865
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
300 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDQKHZN
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
388c5b3c15dc5ae3068a6462be140928672200a28eaf9d592f28e9bd5eb54e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105272
x-xss-protection
0
server
Google Tag Manager
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
insight.min.js
snap.licdn.com/li.lms-analytics/
19 KB
8 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-164-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=8920
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
7404
date
Fri, 27 Dec 2024 11:26:21 GMT
last-modified
Wed, 18 Dec 2024 09:08:52 GMT
content-type
application/javascript;charset=utf-8
x-edgeconnect-midmile-rtt
0, 0
x-edgeconnect-origin-mex-latency
470, 470
x-amz-server-side-encryption
AES256
uwt.js
static.ads-twitter.com/
57 KB
16 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Fri, 27 Dec 2024 11:26:21 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 20:04:45 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kcgs7200099-IAD, cache-muc13940-MUC
x-amz-server-side-encryption
AES256
fontawesome-webfont.woff2
www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.benefitscanada.com/wp-content/themes/avatar-tcm/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/assets/css/vendors.min-1.0.2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefitscanada.com
Referer
https://www.benefitscanada.com/wp-content/cache/busting/7/wp-content/themes/avatar-tcm/assets/css/vendors.min-1.0.2.css

Response headers

cache-control
max-age=2592000
content-encoding
gzip
age
71627
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
expires
Sat, 25 Jan 2025 15:32:34 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
phdZCAU6C7DkZIGRxHn3JXFVZZqtTO5eR9BKwIbFCOJjOJ5C7Yz2EA==
date
Thu, 26 Dec 2024 15:32:34 GMT
last-modified
Thu, 21 Nov 2024 15:26:06 GMT
vary
Accept-Encoding
server
Apache/2.4.61 (Amazon) PHP/7.1.33
x-amz-cf-pop
FRA60-P7
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefitscanada.com
Referer
https://fonts.googleapis.com/

Response headers

age
267603
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:06:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:06:18 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefitscanada.com
Referer
https://fonts.googleapis.com/

Response headers

age
177315
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Dec 2025 10:11:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 10:11:06 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville:400,400i,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefitscanada.com
Referer
https://fonts.googleapis.com/

Response headers

age
266939
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 09:17:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:17:22 GMT
last-modified
Tue, 26 Apr 2022 16:42:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
27120
x-xss-protection
0
server
sffe
lazyload-10.3.5.min.js
www.benefitscanada.com/wp-content/plugins/wp-rocket/inc/front/js/
3 KB
2 KB
Script
General
Full URL
https://www.benefitscanada.com/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.3.5.min.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 /
Resource Hash
1f01c860bdb5390bf81294d8b174c53072f9b9fe6ec5e7e3ac675329f1faca81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

content-encoding
gzip
age
46413
expires
Sat, 25 Jan 2025 22:32:48 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
OMm2C60dY2kIn1qk5uaQEZZr9eLWjpS1IrkJX8SQavla5yufpVODgQ==
date
Thu, 26 Dec 2024 22:32:48 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 15:26:05 GMT
vary
Accept-Encoding
cache-control
max-age=2592000, public
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1439
x-amz-cf-pop
FRA60-P7
server
Apache/2.4.61 (Amazon) PHP/7.1.33
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
a8f2291cb89b7db024218d504d170b58bf2e1f52636ecd8f507b935bb55cd313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.benefitscanada.com
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
gzip
age
188188
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 25 Dec 2025 07:09:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Dec 2024 07:09:53 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222967
x-xss-protection
0
server
sffe
insight.old.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-164-10.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
max-age=66920
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Fri, 27 Dec 2024 11:26:21 GMT
last-modified
Mon, 02 Dec 2024 10:13:56 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
adsct
t.co/1/i/
43 B
628 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&dv=Europe%2FWarsaw%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=46336875-ea3f-4084-8f5e-8acb3c868af6&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b42da10a-9b3e-46d3-8726-e43931d24406&tw_document_href=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&tw_iframe_status=0&txn_id=o1pev&type=javascript&version=2.3.31
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
79db573cc3515406
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c46ade8df7458a25454d6c54fb65fee27a71dfec03b6e925a3e170e626d5fd9f
cf-cache-status
DYNAMIC
cf-ray
8f88f4899b630278-WAW
x-response-time
168
content-length
43
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/1/i/
43 B
723 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=Europe%2FWarsaw%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2628%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=46336875-ea3f-4084-8f5e-8acb3c868af6&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b42da10a-9b3e-46d3-8726-e43931d24406&tw_document_href=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&tw_iframe_status=0&txn_id=o1pev&type=javascript&version=2.3.31
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
bb637bacb16b5008
cache-control
no-cache, no-store, max-age=0
x-connection-hash
55385a9e119034736740d93288aa2fddae878cbe8286493480a45f8b1e534c69
x-response-time
113
content-length
43
date
Fri, 27 Dec 2024 11:26:21 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_f
attribution_trigger
px.ads.linkedin.com/
2 B
814 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=1194292&time=1735298781572&url=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://www.benefitscanada.com/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
00062a3ebb7b7ef53ccdd1713411d880
x-msedge-ref
Ref A: C4D4B0EF8EE540EE9A6B8735AFF886A5 Ref B: WAW01EDGE0817 Ref C: 2024-12-27T11:26:21Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYqPrt7fvU8zdFxNBHYgA==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/
0
667 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1194292&time=1735298781572&url=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D350939EF8E14C08ABB90B658B593B69 Ref B: WAW01EDGE0213 Ref C: 2024-12-27T11:26:21Z
x-li-fabric
prod-lor1
x-li-uuid
AAYqPrt7g16hZXNUYgMmXA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
application/javascript
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX3CRJW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
gzip
age
6161
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:43:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 09:43:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
madops.js
rdc.m32.media/
66 KB
19 KB
Script
General
Full URL
https://rdc.m32.media/madops.js
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1c916f14b273797dc164fce9800eacfd2591d6e599de60eac112857db7452a50
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=IqwRzw==, md5=I4kFBy5BZj6yIWUr9N4CJw==
content-encoding
gzip
etag
"238905072e41663eb221652bf4de0227"
age
332093
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
67541
x-cache
HIT, HIT
date
Fri, 27 Dec 2024 11:26:22 GMT
last-modified
Thu, 17 Oct 2024 16:14:59 GMT
content-type
application/javascript
x-served-by
cache-yul1970025-YUL, cache-fra-eddf8230163-FRA
x-cache-hits
1593, 1
x-guploader-uploadid
AFiumC4wqLNU0Yr2dPjabxv9JzoXu1RKrnCHM80twV3wkV-2ig_nHujtHiLnKj4EEm-6yFEx
strict-transport-security
max-age=31557600
vary
Accept-Encoding
cache-control
public,max-age=600
x-goog-storage-class
STANDARD
x-timer
S1735298782.321799,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-checksum-crc32c
IqwRzw==
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729181699803260
content-length
18600
server
UploadServer
js
www.googletagmanager.com/gtag/
223 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-93098928-3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX3CRJW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b6c3c89337916e4c2d5d435576bb846b74c7c2e513de77bccad3cb9b384f327f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81502
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1418331068.1735298782&dt=Benefits%20Canada%20%7C%20Benefits%20Canada.com&auid=1607410899.1735298782&navt=n&npa=1&gtm=45He4cc1v9119776714za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735298781654&tfd=2367&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDQKHZN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

js
www.googletagmanager.com/gtag/
306 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D5M7SSGHRQ&l=dataLayer&cx=c&gtm=45He4cc1v9119776714za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDQKHZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f6a558dce3b339729183f567a919e3130e9b89cd444025d92f3a6b8a00a9b3a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106086
x-xss-protection
0
server
Google Tag Manager
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 689A
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.benefitscanada.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDQKHZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Dec 2024 11:26:21 GMT
expires
Sat, 27 Dec 2025 11:26:21 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
287 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7S1N9SQ4FP&l=dataLayer&cx=c&gtm=457e4cc1za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93098928-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f73ea78e735b93ca96e5a45559d37720b5714b8a4b83783b56d8c0a17c6e8805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101127
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
223 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2314729-4&l=dataLayer&cx=c&gtm=45He4cc1za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX3CRJW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
edce001694d4d2d9da43afb5adf31b984e14d32ffe4a5cc2ca68afc109f97f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Dec 2024 11:26:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81495
x-xss-protection
0
server
Google Tag Manager
m32pixel.min.js
rdc.m32.media/
21 KB
7 KB
Script
General
Full URL
https://rdc.m32.media/m32pixel.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KX3CRJW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
22de6e4042c182513a5612e20d9c7f41c6ef8b7829912a4eab0895dd3dea05a6
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=7Sb3Xw==, md5=eFbDB98pEDQBcSeAUnxztw==
content-encoding
gzip
etag
"7856c307df29103401712780527c73b7"
age
1896563
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
21764
x-cache
HIT, HIT
date
Fri, 27 Dec 2024 11:26:22 GMT
last-modified
Wed, 03 Apr 2024 04:29:51 GMT
content-type
application/javascript
x-served-by
cache-yul1970079-YUL, cache-fra-eddf8230163-FRA
x-cache-hits
242625, 0
x-guploader-uploadid
AHmUCY1m6GprEr72TmSfmscoNIRbW84PMyWiBj0xNrXnHO3hWdC8frci3Ycui5wyP3VpSO7QN0eUB6qB
strict-transport-security
max-age=31557600
vary
Accept-Encoding
cache-control
public,max-age=600
x-goog-storage-class
STANDARD
x-timer
S1735298782.321781,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-checksum-crc32c
7Sb3Xw==
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1712118591447468
content-length
6546
server
UploadServer
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D5M7SSGHRQ&gtm=45je4cc1v9119786175z89119776714za200zb9119776714&_p=1735298781091&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1625987993.1735298782&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735298781&sct=1&seg=0&dl=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&dt=Benefits%20Canada%20%7C%20Benefits%20Canada.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2619
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D5M7SSGHRQ&l=dataLayer&cx=c&gtm=45He4cc1v9119776714za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.benefitscanada.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/
288 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2F1HV6LLNX&l=dataLayer&cx=c&gtm=457e4cc1za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2314729-4&l=dataLayer&cx=c&gtm=45He4cc1za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4ab035b80d365410fc8f47d6095aa188d9359df15431a7382fda75e1532dc86f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Dec 2024 11:26:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101364
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
0
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2314729-4&l=dataLayer&cx=c&gtm=45He4cc1za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
gzip
age
6161
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:43:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 09:43:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
/
px.ads.linkedin.com/wa/
0
202 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.benefitscanada.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C8FA7AB39CA54E058F95B99F44FC199F Ref B: WAW01EDGE0213 Ref C: 2024-12-27T11:26:22Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYqPrt/DTwSkcFCPnMHZA==
x-li-proto
http/2
access-control-allow-origin
https://www.benefitscanada.com
x-cache
CONFIG_NOCACHE
date
Fri, 27 Dec 2024 11:26:22 GMT
vary
Origin
placements
mia-placement-server.rubiconproject.com/
1 KB
1 KB
Fetch
General
Full URL
https://mia-placement-server.rubiconproject.com/placements?location=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&publisherId=66130&size=xl
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.178.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-178-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f97a5b4c573d798f1df2d041c5b4897f4419a1ebe1aeeeea66dba199e151fb18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
1188
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
journey.gif
t.ofsys.com/C/AAQAAGxhWkhJcHscAABORDBkbnhKAgAA/1.00/2314662050/
43 B
113 B
Image
General
Full URL
https://t.ofsys.com/C/AAQAAGxhWkhJcHscAABORDBkbnhKAgAA/1.00/2314662050/journey.gif?cache=1735298782223&d=T0ZTWVNfQ3VycmVudFVSTA)aHR0cHM6Ly93d3cuYmVuZWZpdHNjYW5hZGEuY29tL3dyaXRlci9iZW5lZml0cy1jYW5hZGEv(U2NyZWVuSGVpZ2h0)MTIwMA(U2NyZWVuV2lkdGg)MTYwMA(T0ZTWVNfUmVmZXJyZXI)(dmlzaXRvcktleQ)YWxzNDNQTFc(dmlzaXRLZXk)RjBRWklSNzE
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.91.248.5 , Canada, ASN46095 (RSI-CA-SITE1, CA),
Reverse DNS
smtp.repsolution.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache
date
Fri, 27 Dec 2024 11:26:21 GMT
content-type
image/gif
server
collect
www.google-analytics.com/j/
15 B
439 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1962301575&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&ul=pl-pl&de=UTF-8&dt=Benefits%20Canada%20%7C%20Benefits%20Canada.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1259997637&gjid=960870669&cid=1625987993.1735298782&tid=UA-2314729-4&_gid=1569621663.1735298782&_r=1&_slc=1&gtm=45He4cc1n81KX3CRJWza200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&npa=1&z=244602956
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd70f295d943247d928b7277caae54a8b65ad72fb61b3bdd068b7bdeb0a4babd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.benefitscanada.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:22 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.benefitscanada.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
www.google-analytics.com/j/
1 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1962301575&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&ul=pl-pl&de=UTF-8&dt=Benefits%20Canada%20%7C%20Benefits%20Canada.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=135413899&gjid=1736409271&cid=1625987993.1735298782&tid=UA-2314729-4&_gid=1569621663.1735298782&_r=1&gtm=457e4cc1za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&jsscut=1&npa=1&z=695579332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.benefitscanada.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:22 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.benefitscanada.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2F1HV6LLNX&gtm=45je4cc1v9136841413za200&_p=1735298781091&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1625987993.1735298782&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1735298782&sct=1&seg=0&dl=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&dt=Benefits%20Canada%20%7C%20Benefits%20Canada.com&en=page_view&_fv=1&_ss=1&tfd=3032
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2F1HV6LLNX&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.benefitscanada.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
550 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2F1HV6LLNX&cid=1625987993.1735298782&gtm=45je4cc1v9136841413za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2F1HV6LLNX&l=dataLayer&cx=c&gtm=457e4cc1za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.benefitscanada.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.pl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2F1HV6LLNX&cid=1625987993.1735298782&gtm=45je4cc1v9136841413za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=102277628
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 27 Dec 2024 11:26:22 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
custom.json
rdc.m32.media/adops/custom_files/benefitscanada.com/
1 KB
1 KB
XHR
General
Full URL
https://rdc.m32.media/adops/custom_files/benefitscanada.com/custom.json
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/madops.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ee0798be44b806894330095cdfb19fcb1357fe69074c53916cc2b6b0312813b3
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=0KgoZg==, md5=ILtuNJFMPUJxDYtULb9r3w==
content-encoding
gzip
etag
"20bb6e34914c3d42710d8b542dbf6bdf"
age
8004
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1532
x-cache
HIT, MISS
date
Fri, 27 Dec 2024 11:26:22 GMT
last-modified
Fri, 27 Dec 2024 09:04:31 GMT
content-type
application/json
x-served-by
cache-yul1970049-YUL, cache-fra-eddf8230024-FRA
x-cache-hits
20, 0
x-guploader-uploadid
AFiumC7etvFe6xbhX_iFvohAF0jKQEu27s0-eQnIP9QHEXYJ5tuzgSC5pRLOcSFAYMEvRVFD9IPoM0M
strict-transport-security
max-age=31557600
vary
Accept-Encoding
cache-control
public,max-age=600
x-goog-storage-class
STANDARD
x-timer
S1735298783.703880,VS0,VE267
via
1.1 varnish, 1.1 varnish
x-amz-checksum-crc32c
0KgoZg==
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1735290271982261
content-length
648
server
UploadServer
js
www.googletagmanager.com/gtag/
292 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2F1HV6LLNX&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fe1d5d222c1dc927b0bc621f7924082560e5fba582ad41079ead485f66f1852d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 27 Dec 2024 11:26:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
103152
x-xss-protection
0
server
Google Tag Manager
jsonp
sync.springserve.com/usersync/
61 B
481 B
Fetch
General
Full URL
https://sync.springserve.com/usersync/jsonp?callback=callback
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eddfaeb7f56dffed79667124c75b6a203a05e8d8db2bde7b491f6550f0ad740a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
https://www.benefitscanada.com
content-length
61
date
Fri, 27 Dec 2024 11:26:23 GMT
content-type
application/javascript
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
favicon.ico
www.benefitscanada.com/
0
367 B
Other
General
Full URL
https://www.benefitscanada.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-53.fra60.r.cloudfront.net
Software
Apache/2.4.61 (Amazon) PHP/7.1.33 / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/writer/benefits-canada/

Response headers

cache-control
max-age=2592000
age
6981
via
1.1 dc468f8259c800daf36aec7b41b2dac8.cloudfront.net (CloudFront)
expires
Sun, 26 Jan 2025 09:30:01 GMT
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
0
x-amz-cf-id
RyakG5sBHJdbLehmx0mQqn_q3yLan6ue6cjbQM1PdMvXDK6Usxx15Q==
date
Fri, 27 Dec 2024 09:30:01 GMT
content-type
image/vnd.microsoft.icon
x-powered-by
PHP/7.1.33
server
Apache/2.4.61 (Amazon) PHP/7.1.33
x-amz-cf-pop
FRA60-P7
vary
Accept-Encoding
/
fastlygeo.m32.media/
170 B
278 B
XHR
General
Full URL
https://fastlygeo.m32.media/
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/m32pixel.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e488cf8d4cb19d9ee85312d8e4f3190db04cf4d68d432768d2eecbf89e7a3f9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

retry-after
0
x-timer
S1735298783.996441,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
170
date
Fri, 27 Dec 2024 11:26:22 GMT
content-type
application/json
x-served-by
cache-fra-eddf8230024-FRA
server
Varnish
x-cache-hits
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
104 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/m32pixel.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
059c764bcf3fab3910992def832158fb331e8839fefb9f45559b18e23f8b9503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
753 / 20084 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:26:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 27 Dec 2024 11:26:23 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33566
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/
492 KB
153 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
5395541545685299795
age
29398
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 03:16:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 27 Dec 2024 03:16:25 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
ssusersync
tv.springserve.com/
7 KB
7 KB
Fetch
General
Full URL
https://tv.springserve.com/ssusersync?gdpr=0&gdpr_consent=0&us_privacy=
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.226.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-226-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a568b53ccfb8808dafbc0f6c0750a815a81e2416863c3351e8a27fba97947879

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
https://www.benefitscanada.com
content-length
7285
date
Fri, 27 Dec 2024 11:26:23 GMT
content-type
application/javascript
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
40281
x-content-type-options
nosniff
expires
Sat, 28 Dec 2024 00:15:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 27 Dec 2024 00:15:02 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
764f809da072ef6fae19d0727215437d21edc57490aff840b04adb4190f6ba26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13259
date
Fri, 27 Dec 2024 11:26:23 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
pagead2.googlesyndication.com/gampad/
356 KB
36 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2749664817860991&correlator=2348774614558907&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=4916%2Ctc.en.eco.biz_benefitscanada%2Cbenefits-canada%2C-&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F3%2C%2F0%2F1%2F3%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C980x200%7C970x60%7C980x60%2C300x250%2C300x1050%7C300x600%7C300x250%2C728x90%7C970x250%7C980x200%2C1x1&ifi=1&sfv=1-0-40&ists=1&eri=1&sc=1&abxe=1&dt=1735298783651&lmt=1735298725&adxs=230%2C1010%2C1010%2C230%2C0&adys=258%2C755%2C2231%2C2435%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&vis=1&psz=1170x1%7C359x1%7C389x1821%7C1170x21%7C1600x3060&msz=728x90%7C300x0%7C389x1%7C728x90%7C0x-1&fws=132%2C128%2C128%2C132%2C128&ohw=728%2C0%2C0%2C728%2C0&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1735298780387&idt=3139&prev_scp=pos%3Datf%2Cbut1%2Ctop_leaderboard%26tile%3D0%7Cpos%3Datf%2Cbut1%2Cright_bigbox%2Ctop_right_bigbox%26tile%3D1%7Cpos%3Dbtf%2Cbut1%2Cright_bigbox%2Ctop_right_bigbox%26tile%3D2%7Cpos%3Dbtf%2Cbut1%2Cbottom_leaderboard%26tile%3D3%7Cpos%3Datf%2Cbut1%2Ctop_leaderboard%26tile%3D4&cust_params=title%3DBenefits-Canada---Benefits-Can%26full_title%3DBenefits-Canada---Benefits-Canada-com%26title_40%3DBenefits-Canada---Benefits-Canada-com%26ai%3D27436%26pg%3Dsectionhome%26ss%3Dbenefits-canada%26avt-ad-code-site%3Dtc.en.eco.biz_benefitscanada%26avt-language%3Den_US%26avt-page-title%3DBenefits%2520Canada%26avt-url%3Dhttps%253A%252F%252Fwww.benefitscanada.com%252Fwriter%252Fbenefits-canada%26avt-device%3Ddesktop%26avt-page-type%3Dwriter%26PrimaryIAB%3DBusiness%2520and%2520Finance%26SecondaryIAB%3DBusiness&adks=2170329393%2C2251404300%2C2317544384%2C3403421946%2C1899948330&frm=20&eoidce=1&td=1&egid=10581&tan=8d9274da-04ee-4c3a-8daf-cf009defd76e%2C8d9274da-04ee-4c3a-8daf-cf009defd76f%2C8d9274da-04ee-4c3a-8daf-cf009defd770%2C8d9274da-04ee-4c3a-8daf-cf009defd771%2C8d9274da-04ee-4c3a-8daf-cf009defd772&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
caa01fd5b93edd1651ebe57ee99c52bd19ea53d3b055c00baa8afd3f789a0cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
google-lineitem-id
6860466400,6824655106,6767825519,6840929904,-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 27 Dec 2024 11:26:24 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138500493232,138500526751,138485351165,138497499156,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.benefitscanada.com
content-length
36604
x-xss-protection
0
server
cafe
container.html
d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D33B
0
0
Document
General
Full URL
https://d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitscanada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Dec 2024 11:26:24 GMT
expires
Fri, 27 Dec 2024 11:26:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14048
rtb.gumgum.com/usync/ Frame 2EC1
0
0
Document
General
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.177.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-177-127.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.benefitscanada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
0
date
Fri, 27 Dec 2024 11:26:24 GMT
etag
"0d41d8cd98f00b204e9800998ecf8427e"
server
nginx
timing-allow-origin
*
usermatch
ssum.casalemedia.com/ Frame FC90
0
0
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?s=191709&gdpr=0&gdpr_consent=0&us_privacy=&cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.benefitscanada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8f88f4989b38c3c4-WAW
content-encoding
br
content-type
text/html
date
Fri, 27 Dec 2024 11:26:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AkjMzSRONiGMl6RbQjViFzkuKkCYlJXfqhlYou7VnNQoAyNSgAC81J3KpYHiy9dhl1n%2BZM7RX1KwgMoDR726X%2FdCU%2B1N%2BJn1i0hUBp5K%2BYhgGuMgJjaD%2FjnzoQSfl7To%2F8rQhhUf"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 99BA
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=0&us_privacy=&predirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.benefitscanada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=94254
content-encoding
gzip
content-length
6694
content-type
text/html
date
Fri, 27 Dec 2024 11:26:24 GMT
expires
Sat, 28 Dec 2024 13:37:18 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvid-io-dub.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D0%2526gdpr_consent%253D0%2526us_privacy%253D%2526uuid%253D%2524UID
  • https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=0&us_privacy=&uuid=8204807367830100456
43 B
205 B
Image
General
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=0&us_privacy=&uuid=8204807367830100456
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:24 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
no-store, no-cache, private
location
https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=0&us_privacy=&uuid=8204807367830100456
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.161.163; 146.70.161.163; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
0f9bd08a-f029-4c6c-a4a9-1e42d3e9f48f
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 27 Dec 2024 11:26:24 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
syncb
sync.bfmio.com/
37 B
192 B
Image
General
Full URL
https://sync.bfmio.com/syncb?pid=111&gdpr=0&gdpr_consent=0&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.29.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-29-127.compute-1.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

Access-Control-Allow-Origin
*
Content-Length
37
Date
Fri, 27 Dec 2024 11:26:24 GMT
Content-Type
image/gif
Connection
keep-alive
um
cs.emxdgt.com/
0
44 B
Image
General
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.145.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-145-123.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

date
Fri, 27 Dec 2024 11:26:24 GMT
server
awselb/2.0
sync
pixel.advertising.com/ups/58185/
0
0

prebid
rtb.openx.net/sync/
43 B
267 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=0&us_privacy=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
private, max-age=0, no-cache, must-revalidate
pragma
no-cache
x-forwarded-for
146.70.161.163
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 27 Dec 2024 11:26:23 GMT
content-type
image/gif
vary
Origin
ImgSync
image8.pubmatic.com/AdServer/
0
42 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=0&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000010%2526uuid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.214 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

date
Fri, 27 Dec 2024 11:26:22 GMT
content-length
0
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://bh.contextweb.com/rtset?gdpr=0&gdpr_consent=0&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy...
  • https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=0&us_privacy=&uuid=hXOJ6aWSwkIX&ev=1&us_privacy=&gdpr_consent=0&pid=561910&gdpr=0
43 B
205 B
Image
General
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=0&us_privacy=&uuid=hXOJ6aWSwkIX&ev=1&us_privacy=&gdpr_consent=0&pid=561910&gdpr=0
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:24 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=0&us_privacy=&uuid=hXOJ6aWSwkIX&ev=1&us_privacy=&gdpr_consent=0&pid=561910&gdpr=0
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-798fbcd968-9fb85
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
pl-PL
server
Jetty(10.0.14)
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%...
  • https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D&cb=173529878...
  • https://ad.turn.com/r/cs?pid=45&id=RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003&rndcb=3073989508
  • https://sync.1rx.io/usersync/turn/3031319725204927714?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003?redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D0%26us...
  • https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=0&gdpr_consent=0&us_privacy=&uuid=RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003
43 B
205 B
Image
General
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=0&gdpr_consent=0&us_privacy=&uuid=RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:25 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

location
https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=0&gdpr_consent=0&us_privacy=&uuid=RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Fri, 27 Dec 2024 11:26:25 GMT
etag
RX03d708ee3e194e46a72c47e102cb4783003
content-type
text/html
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=0&us_privacy=&loc=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5...
  • https://vid-io-dub.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=0&us_privacy=&uuid=6359173f-99fc-431c-a396-9c9691a6844e
43 B
205 B
Image
General
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=0&us_privacy=&uuid=6359173f-99fc-431c-a396-9c9691a6844e
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:24 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
no-cache, no-store, private
location
https://vid-io-dub.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=0&us_privacy=&uuid=6359173f-99fc-431c-a396-9c9691a6844e
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Fri, 27 Dec 2024 11:26:24 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-5-96
x-xss-protection
0
verify
pbs.publishers.tremorhub.com/pubsync/
Redirect Chain
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3...
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D0%26us_pr...
43 B
174 B
Image
General
Full URL
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5Btvid%5D
Protocol
H2
Server
35.168.46.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-46-194.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 27 Dec 2024 11:26:24 GMT
content-type
image/gif
server
nginx

Redirect headers

location
pubsync/verify?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5Btvid%5D
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 27 Dec 2024 11:26:24 GMT
server
nginx
getuid
eb2.3lift.com/
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Fri, 27 Dec 2024 11:26:24 GMT
content-type
image/gif
pbsync
ads.yieldmo.com/
0
35 B
Image
General
Full URL
https://ads.yieldmo.com/pbsync?gdpr=0&gdpr_consent=0&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.199.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-199-206.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

date
Fri, 27 Dec 2024 11:26:25 GMT
usersync
sync.springserve.com/
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=0&gdpr_consent=0&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D0%26gdpr_consent%3D...
  • https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=5734696040016866960
43 B
205 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=5734696040016866960
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:24 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
no-cache,no-store
location
https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=5734696040016866960
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Fri, 27 Dec 2024 11:26:24 GMT
pragma
no-cache
sync
ups.analytics.yahoo.com/ups/58800/
0
160 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58800/sync?redir=true&gpp=&gpp_sid=&gdpr=0&gdpr_consent=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),
Reverse DNS
e2-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Fri, 27 Dec 2024 11:26:24 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade
sync
sync.sxp.smartclip.net/
Redirect Chain
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=0
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=0&ang_testid=1
42 B
308 B
Image
General
Full URL
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=0&ang_testid=1
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.21.4.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 27 Dec 2024 11:26:24 GMT
content-type
image/gif
server
openresty/1.21.4.3

Redirect headers

location
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=0&ang_testid=1
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 27 Dec 2024 11:26:24 GMT
server
openresty/1.21.4.3
v1
match.sharethrough.com/universal/
0
58 B
Image
General
Full URL
https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.184.206.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-206-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
sync
x.bidswitch.net/
43 B
183 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=0&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 27 Dec 2024 11:26:25 GMT
content-type
image/gif
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=0&tpid=22144&cburl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D__STROEER_...
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=0&tpid=22144&cburl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D__STROEER_...
  • https://vid-io-dub.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3537715cdaf0494f9cef036dbf00a35d
43 B
205 B
Image
General
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3537715cdaf0494f9cef036dbf00a35d
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:26 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

date
Fri, 27 Dec 2024 11:26:25 GMT
location
https://vid-io-dub.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3537715cdaf0494f9cef036dbf00a35d, https://vid-io-dub.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3537715cdaf0494f9cef036dbf00a35d
content-length
0
um
sync.teads.tv/
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?gdpr=0&gdpr_consent=0&ssb_provider_id=1&uid&fb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000024%26us_privacy%3D%26uuid%3D%5BVID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

expires
Fri, 27 Dec 2024 11:26:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Fri, 27 Dec 2024 11:26:25 GMT
content-type
image/gif
server
pekko-http/1.0.1
token
pixel.rubiconproject.com/
0
214 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=52948&gdpr=0&gdpr_consent=0&us_privacy=&rk=dub
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Pragma
no-cache
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://cs.media.net/cksync?cs=60&type=ss&gdpr=0&gdpr_consent=0&us_privacy=&redirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000026%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3...
  • https://vid-io-dub.springserve.com/usersync?aid=1000026&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3783003850243573000V10
43 B
205 B
Image
General
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000026&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3783003850243573000V10
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:25 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Location
https://vid-io-dub.springserve.com/usersync?aid=1000026&gdpr=0&gdpr_consent=0&us_privacy=&uuid=3783003850243573000V10
Pragma
no-cache
Connection
keep-alive
Expires
Fri, 27 Dec 2024 11:26:25 GMT
x-mnet-hl2
E
Content-Length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Date
Fri, 27 Dec 2024 11:26:25 GMT
Content-Type
text/html
Server
Apache
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/
0
0

usersync
sync.springserve.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=0&_fw_gdpr_consent=0&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr...
  • https://sync.springserve.com/usersync?aid=1000028&uuid=f6378a886f4ce240ba75ed1c6517f3bd&gdpr=0&0=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=0&_fw_gdpr_consen...
43 B
205 B
Image
General
Full URL
https://sync.springserve.com/usersync?aid=1000028&uuid=f6378a886f4ce240ba75ed1c6517f3bd&gdpr=0&0=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=0&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:25 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

Cache-Control
no-cache
Location
https://sync.springserve.com/usersync?aid=1000028&uuid=f6378a886f4ce240ba75ed1c6517f3bd&gdpr=0&0=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=0&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Pragma
no-cache
x-sticky-vk
1735298785129066-379
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
0
Date
Fri, 27 Dec 2024 11:26:25 GMT
Server
nginx
pbs.gif
sync.admanmedia.com/
60 B
60 B
Image
General
Full URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000029%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5BUID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

Content-Length
60
Date
Fri, 27 Dec 2024 11:26:25 GMT
Content-Type
text/plain
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
generic
match.adsrvr.org/track/cmf/
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0kkyw3l&ttd_tpi=1&gdpr=0&gdpr_consent=0&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-length
70
date
Fri, 27 Dec 2024 11:26:25 GMT
content-type
image/gif
server
Kestrel
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://y.one.impact-ad.jp/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID
  • https://y.one.impact-ad.jp/ul_cb/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%24UID
  • https://vid-io-dub.springserve.com/usersync?aid=1000031&gdpr=0&gdpr_consent=0&us_privacy=&uuid=f93aeeb1-c7e0-474a-992b-5533e4331f17
43 B
205 B
Image
General
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000031&gdpr=0&gdpr_consent=0&us_privacy=&uuid=f93aeeb1-c7e0-474a-992b-5533e4331f17
Protocol
H2
Server
52.31.218.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-218-18.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Fri, 27 Dec 2024 11:26:27 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://vid-io-dub.springserve.com/usersync?aid=1000031&gdpr=0&gdpr_consent=0&us_privacy=&uuid=f93aeeb1-c7e0-474a-992b-5533e4331f17
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:26 GMT
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 11:26:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:25 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
view
pagead2.googlesyndication.com/pcs/ Frame 6E39
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssXPU-c9fiyBuP24_dIRf1cPo_DKqTwwH6eBIa9gBfV_etmQhZmCQAtUkt367VZUwCg0dcEjQIWAtLRhnYQIi9gIqd_wpE9wPP8muGdAuVYzC8LmkYnTB5DKaV4ICP3APzPwvdIkmqGajfqngm8ilR_soeoGN8ScmHN___qlHx2dO36UFBX-P9mNrDuV3yfUwKvGp5IycPZENDVLu7OP1oLRchfjdon2l6INO0M7R5jZ7vQmvQod7aC9BsPsVNQyM-0U8IFZORyi7LS9x_6rStEUeXRa3cS9fmzADHqk2-4swhtTFbbiYnd27TLbHJXlJmyShRdakL4OhgPXkhaqwl2LXfrv9Y6nOI7FnZG_9jTRDqS3n_rRvbHBtfdreJu2mMBdIAHDKWhIlg_txv8ramZ5UTJXG5uwSIoPhqwgCe9D6efvLF1v-4NkNMQFcPRRGLOfNMWDfm2UlJEcB0j4HsjWg&sig=Cg0ArKJSzLyR1NB2jXpuEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 6E39
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
12104404153384301539
age
72320
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 15:21:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 26 Dec 2024 15:21:04 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9049
x-xss-protection
0
server
cafe
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame 6E39
3 KB
1 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
46380
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 22:33:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 26 Dec 2024 22:33:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6E39
218 KB
67 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
1397
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 12:03:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 27 Dec 2024 11:03:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
14870146913913901021
tpc.googlesyndication.com/simgad/ Frame 6E39
29 KB
30 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14870146913913901021
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
b0710b97142443bf81cc9a5c3fc5553695107dfaa70fcd5b76d912e4ee5386d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

age
292390
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 24 Dec 2025 02:13:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 24 Dec 2024 02:13:14 GMT
last-modified
Wed, 04 Dec 2024 18:23:36 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
29723
x-xss-protection
0
server
sffe
truncated
/ Frame 6E39
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
949fef6fc4e700d5b499074ee6009bb020c37288a1032b27e1544b70dabb3361

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
container.html
d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6110
0
0
Document
General
Full URL
https://d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitscanada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Dec 2024 11:26:24 GMT
expires
Fri, 27 Dec 2024 11:26:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
pagead2.googlesyndication.com/pcs/ Frame 49FA
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstnaUvZtp6VLM1XB7T4Lk1acgwLzVKH_FJXN0Bu65XlcslILPC5cVvOy9_vU4Jrfgu1wpRnPyzArcBYjrJcFLkR4GafTtgan9Z7Jk-3VN-zQfX-FKl5BGOb7rNBcT8EAAT4hc1zSCbBMBC_I6DSwqWQKssyGnZUsv9rmJralxT0c_9tVM0sY3hwU0UMJwQ12nTrkVkPonUijQ_958L7vxc5kO_oWKnBV56waUj6UQrEq2ZSMpus5_6A75LqRXht_UGuVAABdR1fbekdLSe4p1xQTBs_rTOl1eQIsRz7qNYG4lxQ4sg1M-MMHvhA12LBEilAkvqb5DjNxA_-FoSPOHvWSBAsMguY0HWquQx2AZUtEWrziKbkGXe7rUjtaxwvCHs6EGw_cXrXFsb3xi5oeaVISzJQQePJWk3__K7396ubao_lX9fcAUn7mKJh15y-A1urmPg&sig=Cg0ArKJSzFswLjXjcaeAEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 49FA
23 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
12104404153384301539
age
72320
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 15:21:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 26 Dec 2024 15:21:04 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9049
x-xss-protection
0
server
cafe
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame 49FA
3 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
46380
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 22:33:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 26 Dec 2024 22:33:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 49FA
218 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
1397
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 12:03:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 27 Dec 2024 11:03:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
10228726536782035624
tpc.googlesyndication.com/simgad/ Frame 49FA
146 KB
147 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10228726536782035624
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
56c53cb5e9feec6bf4d5211e7fa1c1d82502472cfd352acc174365c178f78145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

age
119885
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Fri, 26 Dec 2025 02:08:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Thu, 26 Dec 2024 02:08:19 GMT
last-modified
Fri, 09 Aug 2024 15:42:19 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
149940
x-xss-protection
0
server
sffe
truncated
/ Frame 49FA
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ead02b4517cbed9d55202d2e446783e11b83a0292ce7f801b5a4de5fc9258fbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
pagead2.googlesyndication.com/pcs/ Frame 846E
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsutaonnfhsTLJUTW3GpvR4UNq3cJTLbYCKKbMQXdyV9IkqypMrQiLAia8Ul0Ads03MXBgoNF8q7jKuO6FUe-Ci7Xq_DOF4FGcWpWMN929fIbDTDBdGFD0usSKh0PVt4Y9FAoKhwdnN0VcpN7ADdyq38QxGiMsWOKJ7k3xj2H6tBJrJjuUlH1T3FI_k_2icwfGCi1T7q0KaOVKgRiTHYP-CeMHmcgN4xyzlBFfGmBrmNUzg9jvDq4us3izTwy11GZsbVccmSM8Z0Clg8QRlIEzq6dYnRUCd9RwzVXdwg5eHo_7yfv6Ebwo_RQG2G8KYVm9zynu5ensf42kOJHPcw7vxWYh00X0HF3wsQ6DuF8_TI9hfhcCG-JkTk3TK2rSa2Bf9d043ObmNy5xE4yeLhwH2hxiuoYnIJz0YORvZO0OMX2DFSigCRjiOFL8DdJjSSnQz49YM&sig=Cg0ArKJSzMQQ8whUViL2EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.benefitscanada.com
URL: https://www.benefitscanada.com/writer/benefits-canada/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/ Frame 846E
23 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
12104404153384301539
age
72320
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 15:21:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 26 Dec 2024 15:21:04 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9049
x-xss-protection
0
server
cafe
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame 846E
3 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
46380
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 22:33:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 26 Dec 2024 22:33:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 846E
218 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

content-encoding
br
etag
15965780714114583650
age
1397
x-content-type-options
nosniff
expires
Fri, 27 Dec 2024 12:03:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 27 Dec 2024 11:03:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
13120741730070561534
tpc.googlesyndication.com/simgad/ Frame 846E
33 KB
33 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13120741730070561534
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f1.1e100.net
Software
sffe /
Resource Hash
6fbb0fc2160ccc94196fca6b0b736975825e137cd1ad4c79ceb10df867f659ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

age
31277
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 02:45:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Fri, 27 Dec 2024 02:45:07 GMT
last-modified
Tue, 19 Nov 2024 19:46:40 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
33367
x-xss-protection
0
server
sffe
truncated
/ Frame 846E
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fee1aa53ef0b8fb0cc36fad04d8d5e560c1a775e57010df116b0fcaa12ea4075

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 846E
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
pagead2.googlesyndication.com/pcs/ Frame 846E
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssng4vObiADGUTd_bqBChVo3UbnZnv_UNbyWOcaT4mVm7hjIvb4fCefNbSrEubLblVjRdAIjcXidR17Us3YdVhLPEz_b-ii1iHSEEBRGdxAHyhPqcuKoh5OYQUzs9p5AHLfbEK4YZ4s1rRv4QsksRjUTTO-aKmerHu1348F_xE7htrWo0jMhaQMVUP9OQEtyqSOOxmQyxXRpvqvim2TQAAJDsN6lL58Q-WBqoWvDxji4aRPhd7K3EV3dCM5vS8Qi1JfvJd8bRw3osr2IYDaIAfsas5zEHBDysa8xRVMAvoNDHt9SC4nC9vjwa_D0zmDBnLRs_oPlHgs2NXUyFAtHCjv1LWb45i6KC_IjfC8qrMFoc1dXjhpxduq-1I0eJXuQdsRWl6pAZSrPkNSBKNclkB8kLWFMSOX4iWzr3c2NaA6JB2FdqP_3p6l5BQBarDpqmNtJvSMgg&sig=Cg0ArKJSzF1J5RMHYqIzEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 846E
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E39
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
pagead2.googlesyndication.com/pcs/ Frame 6E39
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst9_yJR12SP8gFl3BehFeESpc2nLSJ5PIVPNeHwvBqNEMTYOtm6ss4ZZoHw64WMJkm9PCUZZKkbHnDzShJIWepwbXB9YZ1JGRXN2V6Kn4VY5qm2Ghtxme4BrFZbQ9KZJl5SMFqLWh1HdagXb2HYSl0YpHGOIVVWajm8bZXX_lsJLiU9MiJl0e2AH69yZC_M_K4qKfwNkSD2HTzkYojc6psEjnRwnKmx9xLmBbvO17fHZAAS5jsgJZi_h1DT6HSoK3uVVauVG1EDAREK13HUf3YngCKllYG1C03nSBXitL4wHB9sD6Ycoof1V24t_wSFianFalReuAcD_STcR_dKv6cKbLDg1gOlznnGzGOKKmx7vnuqb2n_c5DkkGTc7cli7W8_ACR_V5hz87Dc6BuE0jfG049kXbVHQWeuCtLkBSqahYzXM9CBYU5TPyHn2LiKwsTRePu1Syb61NOse1W54Xst-JJ_&sig=Cg0ArKJSzJC-XD9nIFxdEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E39
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49FA
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
pagead2.googlesyndication.com/pcs/ Frame 49FA
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv53uTP-zKTZWISuBI9HEBcE8ECYZMuL7gt1jwKzb2KT61e9fRWySiFNL7cIgNNNQ4ry8zqe5nKEmEEu1sV-Bz6Sw8_kofbNu7FC50-eMu4cHipUg0Bz-2oPTCEZqDKvmdaOLvIpxTApHj4_sXiBOuefl4nIAU_5eex-5KTlKvER-pwMz6snuW5rO7lOYLNcLSEV9PCxc26GtV8gZFKJHbAjdGqM8oc89zG_GvLMxVZ3Z9CnhFeUAWWcczqpUGct7S-crO6G40vgothfEvpGEGoR8dTLFBez6HvrbG3TG0kaLTVVwyewj6vbO0FSZVP-cy_UITskR-04t7z5wPMkMGVOPzvUiv6_OTAUfTVyqJYll2ZqWo4KTQcXy_YQJ4k9bYM-daxszQTwDTiAjTODBYDZVUDmiNODLwi7mmv8YyKVBnHTir6aZmLHUYRsZhMr4sf123ZUg&sig=Cg0ArKJSzOJ_qp8FC6O1EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49FA
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 27 Dec 2024 11:26:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
excluded_by_insertion
mia-placement-server.rubiconproject.com/tracking/66130/731/
0
0
Fetch
General
Full URL
https://mia-placement-server.rubiconproject.com/tracking/66130/731/excluded_by_insertion
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.178.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-178-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

date
Fri, 27 Dec 2024 11:26:25 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.benefitscanada.com/

Response headers

runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 3202
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.benefitscanada.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
899
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Dec 2024 11:11:26 GMT
expires
Fri, 27 Dec 2024 12:01:26 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E39
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTYPniAO_c-1JS3tZGxmsvtB0d_wrwYdHRO4d82z_2dhDLiCBNSJl4rY9JbeseXWySIOsuHaiYrb8kuNmQ_f0gzGpyn1CoJCgikxDNwXJgLKJt9QoxSlXv8fQQzTxCIOp0JsLfKLiZogqHgSqu0FS2xW9daJkO0LPdLjAq6RanCx7OmXayn-JCZh0Suf1cNu9WG_K_2AY&sig=Cg0ArKJSzP9ZXWDUnfIWEAE&id=lidar2&mcvt=1000&p=258,436,348,1164&tm=1032.5&tu=32.30000019073486&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2170329393&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3123158400&rst=1735298784414&rpt=524&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 27 Dec 2024 11:26:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/pagead/
0
0

collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-D5M7SSGHRQ&gtm=45je4cc1v9119786175z89119776714za200zb9119776714&_p=1735298781091&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1625987993.1735298782&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1735298781&sct=1&seg=0&dl=https%3A%2F%2Fwww.benefitscanada.com%2Fwriter%2Fbenefits-canada%2F&dt=Benefits%20Canada%20%7C%20Benefits%20Canada.com&en=scroll&epn.percent_scrolled=25&_et=912&tfd=8539
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D5M7SSGHRQ&l=dataLayer&cx=c&gtm=45He4cc1v9119776714za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.benefitscanada.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.benefitscanada.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 11:26:27 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/58185/sync?&gdpr=0&gdpr_consent=0&us_privacy=&redir=true
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=0&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5BPDID%5D
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=2749664817860991&bg=!ICOlI2zNAAbtGp3CzRo7ADQBe5WfOPK1ww3dwD2bruhG9gKT95FK12towoQPi1jOOuaRPBsswm1No_rGRZbkuXLh66VpAgAAAF5SAAAAAmgBB34ANiajV87m8dBpPAS9QUHuR_pfqWquz2f3-d41uA8y6W-F1SlvJDCoTeO-7C5tXeH2yPQhYBut9JkCqcFLzpkphJxp7AdIScNvTscodUa-_j1Z93bGto3B00c2k_atjEd2pPUrwO8E1XppKhReoso-NpqDi1fDJ5FhD4GaGX-0zY5jODh4Hzr59Q__6M9d_d5zoRDgyp6ly37wbT1MoRnmfx4I9kNR_SJV9bnpsXi7UnN48S1hx6lWd-y1ggwc72ndQ2Nu7MgLWdclF8yOVk8R3SVKI6UqZPQ29-KIbh1D3GiSR0_AZC75d6K65-3UJZ6MOS6kKa5NMS2eYWZOrAG7wnYKQTcsDr3E03XHSBbxkyRnvWmH-lghVm6KkHOOtk4vy8oCc1sv4VWDpLIO5iA7atwnRpZ-ez9ZghSB9QrOQ9mXLue8AYfo34-tqq7rckcdZ3cguKLP7mvFZLYxZmPyfJFOxByTFJ0TMYgJ2iE1IFU_vv2la5V0L0m0ACK8LZlmlAZYoqIC2AJf6dpKL7iCai5etke5ZG1Y9LA9e7bdBp3bwi76OY0qYnQBiPrg-D0KYc1q_iitL659BgF001ArZSDm8cFJe2gpDHjP3OlYxiXMUEbS4LKY3nsH3veNxl6mgX-A8M2wZ1JXT4bwzdPxOrUdaPYCa8iFNEBsZFSqBglOLxZyCHzyxjxl2vXOlaC1yzO68ea-5td0BUDLFzlQ0KH-VhWbB0zL-xs7Wav3FCpJiHrYLWLpUIkmaX0qa38og9qfy_zvo9qt1BYK4YOD0B7m5enLejJNW1JH99rV1vDYludfrbuiLK-H1ZfJcqf9pStrUuEj8iyIi82dhYqIKaXXWGr_hrkB5fxCYwbdxXxGMH3-EMaxwHG1vrVgN2eoJRrEc5EG8cEH1K9E-zk97L6fWXHtSDffHyoOcqnHwNBGX8HyeUZR-MWu6dKly1fP2hiT_0WfTRNnbJeLyuy3dBqZ_g

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| $ function| jQuery object| dataLayer number| CurrentYear string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk function| twq object| translated_string object| avatar_theme_url object| m32_context object| lazyLoadOptions function| _extends function| _typeof function| LazyLoad object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| regeneratorRuntime object| twttr boolean| _already_called_lintrk object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| scr function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| ORIBILI function| miaLib object| _MiaAds function| initMIA object| OFSYS_Tracker2 function| OFSYS_Tracking2_PluginLoadEvent object| DI function| IASCallbacks function| IASHistoryExtension function| IASNoneLeftExtension function| IASPagingExtension function| IASSpinnerExtension function| IASTriggerExtension object| jQuery112406724796287350645 object| ias function| Konami number| speed object| easter_egg object| gaplugins object| gaData object| googletag object| _m32_pbjs object| owpbjs object| pbjs object| madops object| m32shr object| _PREFIX_MAP object| m32pixel string| M32VERSION object| __m32consent function| delay object| miaConfig number| __m32geoStatus object| __m32geo object| ggeac object| google_js_reporting_queue string| springserveUserId object| google_reactive_ads_global_state number| google_unique_id string| springserveRegion number| x object| GoogleGcLKhOms object| google_image_requests

42 Cookies

Domain/Path Name / Value
.smartadserver.com/api Name: pid
Value: 5734696040016866960
.benefitscanada.com/ Name: _gcl_au
Value: 1.1.1607410899.1735298782
.t.co/ Name: muc_ads
Value: 7d7ec1ea-ddce-4848-aabe-5765b546f220
.t.co/ Name: __cf_bm
Value: 3FViUiSTjgFM8i58r8X0dwX1_AHp8rOYElM1Z.NqRrM-1735298781-1.0.1.1-ASY55WVeMnmhZ06E50s9UWY79JDCEWoQix_maGLdUutEBIVlmH21GUUd_KR.3fSECMQgN.zcZUoAD9y8GrOJAg
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173529878185231042
.twitter.com/ Name: guest_id_ads
Value: v1%3A173529878185231042
.twitter.com/ Name: personalization_id
Value: "v1_a/VKXIrvvsSSJgwuQhpXgg=="
.twitter.com/ Name: guest_id
Value: v1%3A173529878185231042
.linkedin.com/ Name: bcookie
Value: "v=2&e2685bdd-b997-4648-8124-9536dc06b4a0"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzUyOTg3ODI7MjswMjHtLfqNLO3Q2NWFyyGWiQGcWzdsAwYpjmsbl8EHGY6ruw==
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3439:u=1:x=1:i=1735298782:t=1735385182:v=2:sig=AQGO198F5rvxWli7Qu_86hAdbs5OptnH"
.benefitscanada.com/ Name: _gid
Value: GA1.2.1569621663.1735298782
.benefitscanada.com/ Name: _gat_UA-2314729-4
Value: 1
.benefitscanada.com/ Name: _gat_gtag_UA_2314729_4
Value: 1
.benefitscanada.com/ Name: _ga_2F1HV6LLNX
Value: GS1.1.1735298782.1.0.1735298782.60.0.0
.benefitscanada.com/ Name: _ga
Value: GA1.1.1625987993.1735298782
.benefitscanada.com/ Name: _ga_D5M7SSGHRQ
Value: GS1.1.1735298781.1.0.1735298782.0.0.0
www.benefitscanada.com/ Name: m32_pubgeo
Value: JTdCJTIyaXAlMjIlM0ElMjIxNDYuNzAuMTYxLjE2MyUyMiUyQyUyMmNvdW50cnlfY29kZSUyMiUzQSUyMlBMJTIyJTJDJTIyY291bnRyeV9uYW1lJTIyJTNBJTIycG9sYW5kJTIyJTJDJTIycmVnaW9uX2NvZGUlMjIlM0ElMjIwOCUyMiUyQyUyMmNpdHklMjIlM0ElMjJ6YXJ5JTIyJTJDJTIybGF0aXR1ZGUlMjIlM0E1MS42NCUyQyUyMmxvbmdpdHVkZSUyMiUzQTE1LjE0JTJDJTIybWV0cm8lMjIlM0EtMSUyQyUyMnBvc3RhbF9jb2RlJTIyJTNBJTIyNjgtMjAwJTIyJTdE
.springserve.com/ Name: ssid
Value: d5e02ee1-7e35-44f1-8ab7-0a51701df8f2
.springserve.com/ Name: sst
Value: 1735298783194
.adnxs.com/ Name: XANDR_PANID
Value: WZZX7lvYZZK4sZhToD9q7fG2_Iq5kXqwLyfenW7GJUo2WBeLf0mv_An9dkSiRVH_Z3HBIpNoPsNS75w9Umpymo2zaeIVJQ3Ca7PxDf2wkrM.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 8204807367830100456
.contextweb.com/ Name: VP
Value: part_hXOJ6aWSwkIX
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1vk6|86L.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 006b25497d788146
.benefitscanada.com/ Name: __eoi
Value: ID=033f471c283b0f71:T=1735298783:RT=1735298783:S=AA-AfjZnmWTo3__nquN7tGh-qYV7
.go.sonobi.com/ Name: __uis
Value: 6359173f-99fc-431c-a396-9c9691a6844e
.go.sonobi.com/ Name: HAPLB8G
Value: s8596|Z26O4
.sxp.smartclip.net/ Name: uuid
Value: a0a5493e-e08e-6e67-331e-2a8ee52b3140
.turn.com/ Name: uid
Value: 3031319725204927714
.tremorhub.com/ Name: tvid
Value: 33b63c39aac94e4bbdc97b9100d736ff
.sxp.smartclip.net/ Name: psyn
Value:
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-03d708ee-3e19-4e46-a72c-47e102cb4783-003%22%7D
.ads.stickyadstv.com/ Name: UID
Value: f6378a886f4ce240ba75ed1c6517f3bd
.ads.stickyadstv.com/ Name: uid-bp-41478
Value: 1
.media.net/ Name: visitor-id
Value: 3783003850243573000V10
.adscale.de/ Name: uu
Value: 3537715cdaf0494f9cef036dbf00a35d
.impact-ad.jp/ Name: tuuid
Value: f93aeeb1-c7e0-474a-992b-5533e4331f17
.impact-ad.jp/ Name: c
Value: 1735298786
.impact-ad.jp/ Name: tuuid_lu
Value: 1735298786

2 Console Messages

Source Level URL
Text
network error URL: https://pixel.advertising.com/ups/58185/sync?&gdpr=0&gdpr_consent=0&us_privacy=&redir=true
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=0&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000029%26gdpr%3D0%26gdpr_consent%3D0%26us_privacy%3D%26uuid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
analytics.twitter.com
bh.contextweb.com
cs.emxdgt.com
cs.media.net
d51b26871f2acea15d86ac175bc4cda0.safeframe.googlesyndication.com
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fastlygeo.m32.media
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
ih.adscale.de
image8.pubmatic.com
match.adsrvr.org
match.sharethrough.com
mia-placement-server.rubiconproject.com
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
rdc.m32.media
region1.analytics.google.com
region1.google-analytics.com
rtb.gumgum.com
rtb.openx.net
s3.us-west-2.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
ssbsync.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1rx.io
sync.admanmedia.com
sync.bfmio.com
sync.go.sonobi.com
sync.richaudience.com
sync.springserve.com
sync.sxp.smartclip.net
sync.targeting.unrulymedia.com
sync.teads.tv
t.co
t.ofsys.com
tpc.googlesyndication.com
tv.springserve.com
ups.analytics.yahoo.com
vid-io-dub.springserve.com
www.benefitscanada.com
www.google-analytics.com
www.google.com
www.google.pl
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
y.one.impact-ad.jp
ep1.adtrafficquality.google
pixel.advertising.com
sync.richaudience.com
104.18.27.193
104.244.42.67
13.107.42.14
13.248.245.213
142.250.181.234
142.250.185.100
142.250.185.225
142.250.185.226
142.250.185.78
142.250.186.35
142.250.186.40
142.250.186.99
15.197.193.217
151.101.2.132
154.54.250.80
162.159.140.229
172.217.16.193
172.217.16.194
172.217.16.195
18.184.206.66
185.64.191.214
199.232.188.157
2.16.164.10
208.91.248.5
208.93.169.131
216.239.32.36
216.58.206.34
23.212.88.20
23.32.185.35
23.35.236.201
3.125.196.33
3.126.178.73
3.160.150.53
3.213.29.127
3.68.145.123
35.168.46.194
35.186.194.101
35.213.17.49
35.214.136.108
35.227.252.103
37.252.171.149
46.228.164.11
46.228.174.117
5.196.111.68
52.30.199.206
52.31.218.18
52.50.226.47
52.92.177.32
54.195.177.127
64.233.166.154
69.166.1.35
69.173.144.165
8.2.110.17
87.248.119.252
02e6ce06aa80e54396627815bf290251527c866c95af067359f5ef70027fe16f
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
059c764bcf3fab3910992def832158fb331e8839fefb9f45559b18e23f8b9503
07ff015d1a1147e70fdc0f24cbc4077a8094d902309544eddc6722e462b6e853
14466f041b4b990865284bd6eb409aed61ebf2fa42ae0dbc3b467ab95146d71c
1c916f14b273797dc164fce9800eacfd2591d6e599de60eac112857db7452a50
1f01c860bdb5390bf81294d8b174c53072f9b9fe6ec5e7e3ac675329f1faca81
22de6e4042c182513a5612e20d9c7f41c6ef8b7829912a4eab0895dd3dea05a6
258a7d87e72b96aa2cb3d05130f52e0660ec1d07fb88147f8583c05c14fab392
2594d4b330d2cce12d75540e7535d674155fd072dbf0cd9051124cec391710c7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f95e06752eed31f536332c3d257e10241239d70e322c54bfa75faaba09ab53
388c5b3c15dc5ae3068a6462be140928672200a28eaf9d592f28e9bd5eb54e8e
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ab035b80d365410fc8f47d6095aa188d9359df15431a7382fda75e1532dc86f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56c53cb5e9feec6bf4d5211e7fa1c1d82502472cfd352acc174365c178f78145
59dad5a09fa6be9c1a998f2a899ef182de3e1d204d5b2e5dd72c41b6317d1995
5b0fd74211eef1d87a6250d7f038e478369c43e77c0c3c4115cd29503daaf13f
68bf4e40e33fb95ebe16b7d4335a7b46cd28d446d0beff0f900c6ff15550c3be
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0d4e3bd890a4bf01c9a301d3e3ff127af22636c4f94250cc230815eb701593
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6fbb0fc2160ccc94196fca6b0b736975825e137cd1ad4c79ceb10df867f659ba
764f809da072ef6fae19d0727215437d21edc57490aff840b04adb4190f6ba26
7688da38c7dd3e2c8876bae066a9e763bbf45247723458aa0174c3d9a2b5a796
7eecf8c320d4d1920c95d44aca1c8a01fc0cb1905bf0101168ae27cc3ce4af75
7f2bf860f43b7667e06aa5c943990f44cd77c2fe0cc1f3c847758b4ce88faf8b
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f42cfa3c8ef87f84cbf220cab248f0c451f3ac31411e0240f1f3cf4bd2e85c7
9043986fde648c179ce63d202242b956fe5bae1cbba32612c721e28aeeae65ab
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
949fef6fc4e700d5b499074ee6009bb020c37288a1032b27e1544b70dabb3361
9c6300006e335b8dcf2356e3a233ed56756c451d43d324dc76d5c4d92e70d9b0
9fcc88665542ce8e1896e32253a821bd29130033649553ce8b90f7da0b3993c1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138
a568b53ccfb8808dafbc0f6c0750a815a81e2416863c3351e8a27fba97947879
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a8f2291cb89b7db024218d504d170b58bf2e1f52636ecd8f507b935bb55cd313
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae311b8c4eb7ed5fe00bf8ec810b91abfa620a1f80529e9223573e5eb653d013
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
b0710b97142443bf81cc9a5c3fc5553695107dfaa70fcd5b76d912e4ee5386d8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
b59668075b67f78c188d4186567ebc8077567486445d17c65c4ea836ffa0ac42
b63747ef28e7986008f9a9c7e7150e7e8a2120471e5bef415a987a474f4af53c
b6c3c89337916e4c2d5d435576bb846b74c7c2e513de77bccad3cb9b384f327f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c62255a9595ac60ffffcb56b75fa9848fcac7e339d230f6e78bad651ed63c3a5
caa01fd5b93edd1651ebe57ee99c52bd19ea53d3b055c00baa8afd3f789a0cdd
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de454974348d52e58388ed39043e269d47893dbfdb5eabcccc6f5e39f91536c4
e167dc251881987ee75529e941a9ae0a02ef0df1e89ec7c68371bd08102bd434
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e488cf8d4cb19d9ee85312d8e4f3190db04cf4d68d432768d2eecbf89e7a3f9b
e81f118d334e426146c5b6e3c672d89309e45d448e35f9e0c8f28c0c82f8cc1f
e9ad5f2249841dc7d21706f582f33dc92bfd3629abe38db96a02226bf45fa003
ea0ae4fae8924dd26f897ee18cb3b8477306b682a8d7a758abd8da7fb55c1cb7
ead02b4517cbed9d55202d2e446783e11b83a0292ce7f801b5a4de5fc9258fbb
edce001694d4d2d9da43afb5adf31b984e14d32ffe4a5cc2ca68afc109f97f5c
eddfaeb7f56dffed79667124c75b6a203a05e8d8db2bde7b491f6550f0ad740a
ee0798be44b806894330095cdfb19fcb1357fe69074c53916cc2b6b0312813b3
ee30dfefc3b21776329dcdcc03bd10c08b79afadcae7dfbd2df9bad0319767fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6a558dce3b339729183f567a919e3130e9b89cd444025d92f3a6b8a00a9b3a7
f73ea78e735b93ca96e5a45559d37720b5714b8a4b83783b56d8c0a17c6e8805
f97a5b4c573d798f1df2d041c5b4897f4419a1ebe1aeeeea66dba199e151fb18
fad6921438493bdaccf27caa773ed5a79e7a1498b4c8d1a23ccb620e6d8c4dbf
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fd70f295d943247d928b7277caae54a8b65ad72fb61b3bdd068b7bdeb0a4babd
fe1d5d222c1dc927b0bc621f7924082560e5fba582ad41079ead485f66f1852d
fee1aa53ef0b8fb0cc36fad04d8d5e560c1a775e57010df116b0fcaa12ea4075
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ff823a9edbf91a5cc0df894573f186edcb29d38381311aa9e27b2741b95b3795