www.benefitboys.com Open in urlscan Pro
2606:4700:3036::6815:1b4d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.benefitboys.com/
Effective URL:
https://www.benefitboys.com/
Submission: On June 13 via api (June 13th 2022, 2:20:23 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 8 countries across 33 domains to perform 73 HTTP transactions. The main IP is 2606:4700:3036::6815:1b4d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.benefitboys.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 21st 2022. Valid for: a year.

This is the only time www.benefitboys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2606:4700:303... 2606:4700:3036::6815:1b4d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 ^_^) (CDN77 ^_^)
2	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2600:9000:224... 2600:9000:2240:3e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:5200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	3.122.40.161 3.122.40.161	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	148.251.13.139 148.251.13.139	24940 (HETZNER-AS) (HETZNER-AS)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	92.123.194.105 92.123.194.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	54.154.72.131 54.154.72.131	16509 (AMAZON-02) (AMAZON-02)
1	13.225.84.15 13.225.84.15	16509 (AMAZON-02) (AMAZON-02)
2	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:225... 2600:9000:225f:5e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3 3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4	52.19.184.31 52.19.184.31	16509 (AMAZON-02) (AMAZON-02)
2 2	204.237.133.120 204.237.133.120	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.95.98.68 141.95.98.68	16276 (OVH) (OVH)
1	54.217.252.143 54.217.252.143	16509 (AMAZON-02) (AMAZON-02)
73	35

18 2606:4700:3036::6815:1b4d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.benefitboys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl17250047.safestgatetocontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.effectivedisplaycontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2240:3e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.40.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-40-161.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.13.139 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.139.13.251.148.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.194.105 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-105.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.72.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-72-131.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-15.fra2.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.29.65 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:5e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.184.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.237.133.120 (West Chester, United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.115 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.252.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-252-143.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	benefitboys.com 1 redirects www.benefitboys.com	392 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2211 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 6105 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 10244	179 KB
5	cpx.to p.cpx.to — Cisco Umbrella Rank: 9109 s.cpx.to — Cisco Umbrella Rank: 2039	6 KB
5	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 48 stats.g.doubleclick.net — Cisco Umbrella Rank: 104 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	6 KB
4	gstatic.com fonts.gstatic.com	101 KB
4	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 28898	188 KB
3	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1685 mwzeom.zeotap.com — Cisco Umbrella Rank: 1341	21 KB
3	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 27095 static.a-ads.com — Cisco Umbrella Rank: 39748	654 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	231 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1479	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 399	2 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 838	631 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 361	657 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 47	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55 ajax.googleapis.com — Cisco Umbrella Rank: 294	32 KB
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 32169	530 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 570	1 KB
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 1338	430 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 835	363 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 939	1 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 635	13 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 982	10 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 748
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 26206	6 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 381	373 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 9613	30 KB
1	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 27905	271 B
1	google.de www.google.de — Cisco Umbrella Rank: 5859	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 4	501 B
1	effectivedisplaycontent.com www.effectivedisplaycontent.com — Cisco Umbrella Rank: 205358
1	safestgatetocontent.com pl17250047.safestgatetocontent.com
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 80	39 KB
73	33

	Domain	Requested by
18	www.benefitboys.com	1 redirects www.benefitboys.com
5	quantcast.mgr.consensu.org	www.benefitboys.com quantcast.mgr.consensu.org
4	s.cpx.to	p.cpx.to www.benefitboys.com
4	fonts.gstatic.com	fonts.googleapis.com
4	ads.themoneytizer.com	www.benefitboys.com ads.themoneytizer.com
3	cm.g.doubleclick.net	3 redirects
3	pagead2.googlesyndication.com	www.benefitboys.com pagead2.googlesyndication.com
2	sync.smartadserver.com	1 redirects www.benefitboys.com
2	secure.adnxs.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	match.adsrvr.org	js-sec.indexww.com www.benefitboys.com
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	ad.a-ads.com	www.benefitboys.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	id5-sync.com	www.benefitboys.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	mwzeom.zeotap.com	www.benefitboys.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	static.a-ads.com	ad.a-ads.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	c.tmyzer.com	ads.themoneytizer.com
1	www.google.de	www.benefitboys.com
1	www.google.com	www.benefitboys.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.effectivedisplaycontent.com	www.benefitboys.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	pl17250047.safestgatetocontent.com	www.benefitboys.com
1	fonts.googleapis.com	www.benefitboys.com
1	www.googletagmanager.com	www.benefitboys.com
73	41

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-21` - `2023-04-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2022-05-24` - `2022-08-22`	3 months	crt.sh
safestgatetocontent.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
*.cmp.quantcast.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
effectivedisplaycontent.com R3	`2022-04-22` - `2022-07-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
c.tmyzer.com R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2021-09-13` - `2022-09-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2021-09-12` - `2022-09-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2022-06-13` - `2023-07-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.benefitboys.com/
Frame ID: A368D5315B69099791F79D5C770AF7F7
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Frame ID: 58C31C6C17F186526D300CCD942B83FD
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1966925?size=320x100
Frame ID: E56A921ECD2D4C11402B750AB0B2B876
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1966925?size=320x100
Frame ID: 18C8D5143C62528EE9EE592C7E0A8B30
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1655130013353
Frame ID: 6DF5D19B029B20BEC13EC19160E4B944
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Benefit Boys | Song Lyrics and Meaning

Page URL History Show full URLs

http://www.benefitboys.com/ HTTP 301
https://www.benefitboys.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

93 %
HTTPS

49 %
IPv6

33
Domains

41
Subdomains

35
IPs

8
Countries

1959 kB
Transfer

4586 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.benefitboys.com/ HTTP 301
https://www.benefitboys.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e7cc859d-96ad-4016-4307-e831fb22be93&reqId=acbf8009-6e47-463e-7a41-fd4ca1266d7f&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e7cc859d-96ad-4016-4307-e831fb22be93&reqId=acbf8009-6e47-463e-7a41-fd4ca1266d7f&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEC88Zw4Mywm6UF_fYlUccmo&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e7cc859d-96ad-4016-4307-e831fb22be93&reqId=acbf8009-6e47-463e-7a41-fd4ca1266d7f&zdid=1258

Request Chain 67

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D8ed06e95-ab3a-4cd7-89fe-54caeedeaf28 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D8ed06e95-ab3a-4cd7-89fe-54caeedeaf28 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=648C3D72-0438-4DA9-8972-8AFEFEE337AD&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&google_gid=CAESEF03eDWXhvIzdmIsZY8kXqM&google_cver=1

Request Chain 70

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.benefitboys.com%252F%26hn_ver%3D40%26fid%3D8ed06e95-ab3a-4cd7-89fe-54caeedeaf28 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12763%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.benefitboys.com%25252F%2526hn_ver%253D40%2526fid%253D8ed06e95-ab3a-4cd7-89fe-54caeedeaf28 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=1991317069509072773&pid=12763&ref=&url=https%3A%2F%2Fwww.benefitboys.com%2F&hn_ver=40&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28

Request Chain 71

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&gdpr=0&cklb=1

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.benefitboys.com/
Redirect Chain

http://www.benefitboys.com/
https://www.benefitboys.com/

45 KB
10 KB

639ms
618ms

Document
text/html

2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitboys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea206b9ccf6b1e8c60b3bdf24f71baa03b1bd02d454bbd539415215531cb8bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71ab772f7c6791ea-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Jun 2022 14:20:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://www.benefitboys.com/wp-json/>; rel="https://api.w.org/", <https://www.benefitboys.com/wp-json/wp/v2/pages/64293>; rel="alternate"; type="application/json", <https://www.benefitboys.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RyC8C62U5HgjCCmmWR%2BlvOaQtuV4FCCLrw7eMrLf7SaGB0KYORFPntn6L%2FRaUQXIPC245L4C62Ya%2Fooqq5f3nmd172DfAFnD6fKs30Pn9dVB0pHxWbZVPSHTZqh1GmWeagztm8u9n2Jv5qgxxRMwOsE6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent

Redirect headers

CF-RAY: 71ab772f387c90d6-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 13 Jun 2022 14:20:12 GMT
Expires: Mon, 13 Jun 2022 15:20:12 GMT
Location: https://www.benefitboys.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pc5Oyev7p9VXewm%2Fkkv6GYXzAICQOrgiKkJq9f8GSk7eHowv2bovzXZz8KuCes4nV89mr7fma6KofD3vlnj%2BCOzbvfxWf9YoaSU8y1DCpA9Q1PvT5fO3MJ0%2FSoTC3VxQ02BbaJqlfXCa93yol3ECUydd"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 66ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d807a50a94beccff33c1fa114a84a9077808f30deb2ae8861907229dfd746bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56536
x-xss-protection: 0
server: cafe
etag: 16448407452491538065
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 14:20:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 49ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-193357852-1

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fa0ed3b1aa4a5805ad0433d37f40ed03471977d1666545e92de48c452c06005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39773
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Jun 2022 14:20:12 GMT

GET
H2 200 autoptimize_8045957e37e71688bc11e84c6a6fe57b.css
www.benefitboys.com/wp-content/cache/autoptimize/css/ 428 KB
79 KB 37ms
31ms Stylesheet
text/css 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitboys.com/wp-content/cache/autoptimize/css/autoptimize_8045957e37e71688bc11e84c6a6fe57b.css

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

994afe06a13f48e1f8149442b40fa9e21b9f2780d1487a55a2678ad52b8ee261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1398462
cf-polished: origSize=440194
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 28 May 2022 09:37:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJUCA0nmdYZ3BGLCG476piTSLIugcB2m%2BWD4LUBaruZ5YBEdayndGJkdp5ipDWiPeEmRAtu%2F2cRNZ50Wm2jpGl2i%2BHitOpXmgIiMQE%2F8joEiCTCfwyWAFTZZdnVLB4Yr%2BIs8gN7Ezj2B0e53rdoPckge"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=30672000, immutable
cf-ray: 71ab77337cd091ea-FRA
expires: Thu, 18 May 2023 09:52:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 45ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CMontserrat%3A700%2C400%2C600%2C500&font-display=swap&ver=1653563528

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cec6e175ef0ba733d6eb37f21e66865694445d4bbdef8471c195917a01d4f6bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 14:12:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Jun 2022 14:20:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Jun 2022 14:20:12 GMT

GET
H2 200 jquery.min.js Show response
www.benefitboys.com/wp-includes/js/jquery/ 87 KB
32 KB 63ms
60ms Script
application/javascript 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitboys.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 20:35:24 GMT
server: cloudflare
age: 5653
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX%2BDIRqV2alW7Ar54RgGNg%2BpQCiRJDg6PfL%2B203%2BW1xmIZ6qnmCl3GHu15qj89xtffGwbQPtBRg7wgH5sM5JVkvWXCyzxAtXI9MccN5NKZKLmsGNog0gR%2B6jMlWTGJGhsi5p1RsEt1972yvmBI0D%2FfpT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
cf-ray: 71ab77337cd891ea-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
55 KB 46ms
28ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7098210977244557

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ea084536353359e001a301e5da1d59f5037c6c51bbd4fde9599a3d407cbb0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitboys.com/
Origin: https://www.benefitboys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56512
x-xss-protection: 0
server: cafe
etag: 7120514037479025195
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 14:20:12 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 78ms
7ms Script
text/html 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=19
Requested by: Host: www.benefitboys.com
URL: https://www.benefitboys.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt: AcO1ryyqPiz/MnAAAA
x-accel-expires: @1655187690
date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: xc+q/5TUmEU
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 28722
x-77-pop: frankfurtDE

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 86 KB
13 KB 83ms
13ms Script
text/html 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Requested by: Host: www.benefitboys.com
URL: https://www.benefitboys.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 15b37098b438133cf02b59e052749cb467b2963b5b1ae31d31c2dbefc8082c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt: AcO1rywJgzj/jCAAAA
x-accel-expires: @1655208080
date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: br
server: CDN77-Turbo
x-77-nzt-ray: WQaGKFmkfdM
x-77-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-cache: HIT
x-age: 8332
x-77-pop: frankfurtDE

GET
H/1.1 403
Forbidden 184d2a95eb89157a249e86443e4ecde8.js
pl17250047.safestgatetocontent.com/18/4d/2a/ 0
0 1361ms
102ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pl17250047.safestgatetocontent.com/18/4d/2a/184d2a95eb89157a249e86443e4ecde8.js
Requested by: Host: www.benefitboys.com
URL: https://www.benefitboys.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 14:20:14 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H3 200 autoptimize_8c24019282de11efaff4c42dd7d1e29a.js Show response
www.benefitboys.com/wp-content/cache/autoptimize/js/ 241 KB
65 KB 22ms
22ms Script
application/javascript 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitboys.com/wp-content/cache/autoptimize/js/autoptimize_8c24019282de11efaff4c42dd7d1e29a.js

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df94be95b9b7dfbd3122252f062f9e29ea2a2b54e07e228f0da79f0bfd1da7a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: br
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
cf-polished: origSize=247353
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 15 May 2022 16:24:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FwVYB328E3H0Mgk0V3QQSt1mJnhhqiMA4sHt87HKRH7CO1Qg2eGxOUzoyt5mPFnyaL%2FuO6ydkKXxo1MO4VUoWUNUcw6%2BId5%2B7np6UhF2cPCZMbiu4M%2F3N6CA6l89%2FbDkAbwvckdlhSevbg1P3Y8dPDJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=30672000, immutable
cf-ray: 71ab7733facf921f-FRA
expires: Sat, 03 Jun 2023 12:45:59 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.benefitboys.com/wp-includes/js/ 18 KB
5 KB 17ms
16ms Script
application/javascript 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.benefitboys.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 25 May 2022 06:20:52 GMT
server: cloudflare
age: 5653
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZNR4%2Ftfpq03mRBsQCNf%2BjQAF8Q2cf3l22AuKha3TEYyPbecHM2qdAUNGsUnxGDtP7Mz0zp1A8Bcv4wAEskV47IcDk7sqQkNPUA6hhKtb8geeC4kGsIveCqbCqbf1Q35g0v5qKVn0YwuzCp1gRTTSS57"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
cf-ray: 71ab7733fad0921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 61ms
7ms Script
application/javascript 2600:9000:2240:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: www.benefitboys.com
URL: https://www.benefitboys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Jun 2022 14:19:46 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 14:18:10 GMT
server: AmazonS3
age: 40
etag: W/"a7fa5501113779849b63118ade529910"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 5zMtFBWJsojSd3NWf4WifjMZ3M6fRSWMgcrbdpA_MLA1fmsxiT2E-Q==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic%7CMontserrat%3A700%2C400%2C600%2C500&font-display=swap&ver=1653563528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitboys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 508323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:08:09 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 30 KB
30 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitboys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:07:05 GMT
x-content-type-options: nosniff
age: 508387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:07:05 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitboys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 508323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:08:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-193357852-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 64
date: Mon, 13 Jun 2022 14:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Jun 2022 16:19:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/ 341 KB
120 KB 57ms
34ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7098210977244557&plah=www.benefitboys.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c3b966a2177707c0428a22dcf178b018747bbc411ed0bb7ef68dc2b6b4c2758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123030
x-xss-protection: 0
server: cafe
etag: 13608932907742301937
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Jun 2022 14:20:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/ Frame 58C3 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.benefitboys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 13:52:19 GMT
etag: 14734731752043123527
expires: Mon, 27 Jun 2022 13:52:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden invoke.js
www.effectivedisplaycontent.com/bda4693600fab9c6e0a7ae021fe612ac/ 0
0 487ms
111ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.effectivedisplaycontent.com/bda4693600fab9c6e0a7ae021fe612ac/invoke.js
Requested by: Host: www.benefitboys.com
URL: https://www.benefitboys.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 13 Jun 2022 14:20:13 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
43 KB 10ms
10ms Script
text/javascript 2600:9000:2240:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:19:32 GMT
content-encoding: br
age: 41
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 17:38:43 GMT
server: AmazonS3
etag: W/"d1cd21eabed7b3f0b671004cf14ae9c1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: cs4Tjk8B9-OOwxGG41mvOjgQrY7J6gxiFl627enoN7G3MXUifD221w==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
15ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=631134768&t=pageview&_s=1&dl=https%3A%2F%2Fwww.benefitboys.com%2F&ul=en-us&de=UTF-8&dt=Benefit%20Boys%20%7C%20Song%20Lyrics%20and%20Meaning&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1391928445&gjid=1583653713&cid=2120781048.1655130013&tid=UA-193357852-1&_gid=1136948156.1655130013&_r=1&gtm=2ou680&z=229636284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 14:20:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.benefitboys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 38ms
9ms XHR
application/json 2600:9000:21f3:5200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18a3ce2da8cab0fec04771097c8644f37afa6c14c0247a5f99932847a02b15b0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 03:00:40 GMT
content-encoding: br
age: 40773
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 03 Jun 2022 19:52:29 GMT
server: AmazonS3
etag: W/"3e2b8eacd73209ee02c8a777656c291f"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 81vl0vzR_mLNZjguIB5PbdOC8XszyVYc
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA2-C2
content-type: application/json
x-amz-cf-id: VWDzl4XbaMLEviaEFPpIYeUb3_34mhen-K9YwyICqeNoCPEflgz7zw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-193357852-1&cid=2120781048.1655130013&jid=1391928445&gjid=1583653713&_gid=1136948156.1655130013&_u=YEBAAUAAAAAAAC~&z=428625194

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Jun 2022 14:20:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.benefitboys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/41/ 229 KB
56 KB 9ms
9ms Script
text/javascript 2600:9000:2240:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/41/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7694dd13e2fb81ec4254703d8d32a4e3ea22f0639a3a2a532216014c59716e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 23:34:03 GMT
content-encoding: br
age: 139570
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 17:38:16 GMT
server: AmazonS3
etag: W/"3f5a266152898bbbe8a9a8099806846c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 7m4vd38eL-ZQAS8hONqJIMGfBA7r-tH0YCCl2A8DB8ZDheZ4TE3Kow==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 303 KB
39 KB 25ms
8ms XHR
application/json 2600:9000:2240:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4429e8ff81146ce9bba70c14cd471d4b58a4e504505894da2aa7df575b897b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 03:00:35 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 40777
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 13 Jun 2022 03:00:33 GMT
server: AmazonS3
etag: W/"29306c1777cc11749dacfab893f493f7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: eeotriaC8L_jH0an3Amsh-03-yDIKLJVshIMLaTKY4g43RhNk5LINg==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
36 KB 32ms
16ms XHR
application/json 2600:9000:2240:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 241bb9acfebdc15a25a2e0fc4a2b8bcdd6228ad218c4b920cd4e5d804034410e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 03:00:30 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 40783
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 13 Jun 2022 03:00:27 GMT
server: AmazonS3
etag: W/"9c8582960e0d51532f3916e4299a7c0d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: w3EiWBj5fL37zXt1CDTGS9ULmR0wO3FSFu40GXfChynfkamUFzX7Ug==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 34ms
8ms XHR
text/plain 3.122.40.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.benefitboys.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.41%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22HbxGb%2B34XCkQ4dJL2MD7TA%22%2C%22clientTimestamp%22%3A1655130012981%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-p74lk87y7qwvhuar1a10%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/41/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.40.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-40-161.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Jun 2022 14:20:13 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 56ms
33ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-193357852-1&cid=2120781048.1655130013&jid=1391928445&_u=YEBAAUAAAAAAAC~&z=1717939266

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 14:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 59ms
36ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-193357852-1&cid=2120781048.1655130013&jid=1391928445&_u=YEBAAUAAAAAAAC~&z=1717939266

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 14:20:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1966925 Show response
ad.a-ads.com/ Frame E56A 6 KB
2 KB 52ms
17ms Document
text/html 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1966925?size=320x100

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.139.13.251.148.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

7b576071ecd677bebe7c995fd13eaee49c1d9b8ee11101199dbf72b73d004a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.benefitboys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 13 Jun 2022 14:20:13 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: https://www.benefitboys.com/
X-Powered-By: Phusion Passenger(R)
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1966925 Show response
ad.a-ads.com/ Frame 18C8 6 KB
2 KB 50ms
18ms Document
text/html 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1966925?size=320x100

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.139.13.251.148.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

2520fac8f20435b036e9bdb2e1a8f16aa14b534a9ef00d0480669213a0331959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.benefitboys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 13 Jun 2022 14:20:13 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: https://www.benefitboys.com/
X-Powered-By: Phusion Passenger(R)
X-XSS-Protection: 1; mode=block

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 12ms
11ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt: AcO1rywzN9z/RIgAAA
pragma: public
date: Mon, 13 Jun 2022 14:20:13 GMT
content-encoding: br
etag: W/"604b9fc7-981e"
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: UwksU3Lohjc
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 34884
x-77-pop: frankfurtDE
x-accel-expires: @1656131929

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 104ms
23ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=92715&f=19&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 13 Jun 2022 14:20:13 GMT
Server: nginx
X-IPLB-Request-ID: 515F052A:B63E_36264064:01BB_62A7479D_4B5B7DF:2C9E0
X-IPLB-Instance: 38437
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 93 KB
30 KB 68ms
8ms Script
application/javascript 92.123.194.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.194.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1a31c3e964c1966b1108fd3f199e4ce2c1a364022d85b20e3154345fb824cdfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 14:20:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 30827
Expires: Mon, 13 Jun 2022 14:35:13 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
373 B 110ms
17ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1650
strict-transport-security: max-age=31536000; preload;
content-length: 165
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 56ms
23ms Script
application/javascript 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 71ab7737a8c69036-FRA
date: Mon, 13 Jun 2022 14:20:13 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.benefitboys.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 92ms
21ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 14:20:13 GMT
Last-Modified: Thu, 07 Oct 2021 11:26:48 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 515F052A:AE1E_91EFC0A6:01BB_62A7479D_FF09F8AD:4504
ETag: "615ed978-15ab"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame 6DF5 0
0 37ms
9ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1655130013353

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.benefitboys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 45ms
9ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 20 Jun 2022 14:20:13 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12763/ 2 KB
2 KB 148ms
27ms Script
application/javascript 54.154.72.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12763/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.72.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-72-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 28b96f7dd5b99169b94e02f2abdcf2a2b2d5120894ed9dba434624901f0190ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 14:20:12 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1769
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 49ms
9ms Script
text/javascript 13.225.84.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 01:33:44 GMT
Via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 45990
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 0L9gBn-y0xBdzpKpXNd0DmqWyZG4XOO8MeFBY97VgJp2CLJz6-PQVw==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 70ms
19ms Script
text/javascript 104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 14:20:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jun 2022 13:55:29 GMT
Server: Apache
ETag: "905b1f-930b-5e154a4159a71"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2207
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Mon, 13 Jun 2022 14:57:00 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid6_24/build/dist/ 632 KB
158 KB 36ms
35ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid6_24/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=92715&formatId=19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fc02197f27ff0b964fd4e334851eb9f967caf103d40c94de3783ad936d84ded3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt: AcO1rywFcwD/XYIAAA
pragma: public
date: Mon, 13 Jun 2022 14:20:13 GMT
content-encoding: br
etag: W/"62851d9b-9e09a"
last-modified: Wed, 18 May 2022 16:23:55 GMT
server: CDN77-Turbo
x-77-nzt-ray: jb7dd1dRHg4
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 33373
x-77-pop: frankfurtDE
x-accel-expires: @1656133440

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v24/ 25 KB
25 KB 26ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.benefitboys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:12:15 GMT
x-content-type-options: nosniff
age: 508078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25088
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:38:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:12:15 GMT

GET
H3 200 Pharrell-Williams-Cash-In-Cash-Out-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/06/ 12 KB
12 KB 24ms
22ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/06/Pharrell-Williams-Cash-In-Cash-Out-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

244db43d267dc2188bb0f004419207bb009492d8a1a01878e06cd1cf5a19e087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11971
last-modified: Fri, 10 Jun 2022 11:44:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2F%2B%2ByNdVAlyAAWX%2FR2G2cNyInU%2BFEFpNxFSrMaMjlCBHruz8a7s4EfBvqap78ZzuLt%2BExofQJv1jvyZGvgXMHjQYa2Xqj5EaJcpjj7YexFfYiREIYEQdR2NXAD6X0%2Be2NtOr1B8ymiEmK7VxOWFJQrZL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab773798eb921f-FRA

GET
H3 200 BTS-PROOF-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/06/ 6 KB
7 KB 18ms
17ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/06/BTS-PROOF-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85e784e82e99ea5510efb10a53822956464d9cfd9df239b5d7b12217f8a2e718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6636
last-modified: Thu, 09 Jun 2022 13:07:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhoNUUgn%2Fr7rX2LZ7LrmgxnP2SuIJb0%2Fg0pmjbsDcHP1ZhuATMwR4PHf6AYKxv28Pd3t9WGxKbgdbzhD9FjGCD4%2FHYJmw1tyhXBt03xmZpja6Mwi7ZhS%2BNpqwn66yF%2FJDkx230qHaRbfYVert7cyVrsM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab773798ef921f-FRA

GET
H3 200 Kevin-Gates-Super-General-Freestyle-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/06/ 21 KB
21 KB 16ms
15ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/06/Kevin-Gates-Super-General-Freestyle-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e6136a248d63de057c7c306cb2b488abbfc5c71cd8734eded25dc935784ebb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21439
last-modified: Thu, 09 Jun 2022 16:51:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SdWM97V9JlyqhJ6HdfJa32zgN6Ro9EpRLZDqdxEuAyJHEuSX4Zag4oifZJwCle%2FzMDTbM8Mra1dc4TUDYCEO%2B%2BN42plflUIder13tTMwU3CBo1IYu1yL20pWbENXpsbL9vogILqIqzHj6mVI0i9faSy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab773798f0921f-FRA

GET
H3 200 Soccer-Mommy-Shotgun-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/03/ 17 KB
18 KB 24ms
23ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/03/Soccer-Mommy-Shotgun-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa056979ca1e9fa34e1b1b4c688c44f873a5e6748a13f150465d48b66453bf3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17677
last-modified: Thu, 24 Mar 2022 16:43:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByJulE0kFM0g8EZuTSSIsfa7C6TB2bl6UVXj5htJcrS6FSGz7jim66tQWFYPer28XBAXQ3fOlrRmaovNySs5QpeF1AWZr4AtwhkWKTnidp6xlmQ0dKDT5NDZAhU4VJYvix7AShMQsrkN1n2Y3dAT1CRz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab773798f1921f-FRA

GET
H3 200 A%E1%B9%A3a-V-Album-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/02/ 18 KB
19 KB 17ms
16ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/02/A%E1%B9%A3a-V-Album-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2c39149cfcc33dd01ed80f8ae81e78ce8495b86cd6aabf60f4627e10520b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18706
last-modified: Fri, 25 Feb 2022 00:05:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hyEF76Dm6GHmphz7zI7RisJ8EoRvha9E1PWEuZQFhCJq0edtntB6%2FDUApkjOBNP3%2BdBuoR6jNpaGvu1BY352isnXZvV4esL8WIOvuzzyHGikmG8HO0csMSgQLAVj4i05PNqWVUx%2Fc%2FznBLrpp7HUD%2B1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab773798f2921f-FRA

GET
H3 200 Bad-Bunny-Un-Verano-Sin-Ti-Album-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/05/ 24 KB
25 KB 25ms
24ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/05/Bad-Bunny-Un-Verano-Sin-Ti-Album-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ae7f3e79ba202da75ab1dcd497b2e9b4ec409bb98c17a9c451402013de3078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24633
last-modified: Fri, 06 May 2022 06:32:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjcJbDvX%2FTKoPSK%2Fw4EY4y%2B%2B7cM8%2FlGLJ5cpml8wGXCliQ28e6UaD%2BG7A0d9WjbZNZx0d8gd55Ev0l1ncMUlHMKc8Ju%2FRwnlhmxYGMEl4aw5A1hEUClssH3UDTX5qcTu16W0ia46u%2FhuuN5L9zmeK8EC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab773798f4921f-FRA

GET
H3 200 Harry-Styles-As-It-Was-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/03/ 10 KB
10 KB 32ms
30ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/03/Harry-Styles-As-It-Was-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b0b56e9ab12dcc22651e012bafc92928f58ae850b0877ab66c37abed53402b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10147
last-modified: Thu, 31 Mar 2022 22:37:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml27iL4Jhf0k2hK6ugSRgmEtcZ2FkSYbuGk0l3w10MJHV5YhHUnf1hImpEs%2BwU1S8IeZWh3ceL%2Bu5QomGNF%2BfnpbxafvJeYpGUgPhcN4CfUQQNiuqTp0%2BQDz4dDOuk%2BvN9OzOgqJPixPp7zMCvRQ7w4S"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab7737a90b921f-FRA

GET
H3 200 The-Chainsmokers-So-Far-So-Good-Album-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/05/ 13 KB
14 KB 17ms
15ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/05/The-Chainsmokers-So-Far-So-Good-Album-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7112e36cd3b61202994da9649708f09262a198da137ae821a4424619f0d6d405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13457
last-modified: Fri, 13 May 2022 20:19:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNECbM%2BY1q7RFflyE7nlnihgEfittF3PF8rDDN9OgoLBwsQKUkI1x%2FDfo7zXCVE8ZbkWovh3NijzpsfyS%2B6sOYmbnQIyTcCD0Q6J5YNKSYU3AKLk%2BX50vs%2Bk3ZUw1d4GrkvpXb4PiW%2BMDjkpy3MlOnWv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab7737a90d921f-FRA

GET
H3 200 Arcade-Fire-The-Lightning-I-II-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/03/ 16 KB
16 KB 32ms
30ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/03/Arcade-Fire-The-Lightning-I-II-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af00097beba9c20ce8a55fc5565c0a818d52946faaf47026c7ddb6ae11e587ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16180
last-modified: Thu, 17 Mar 2022 18:31:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2pmtq1SwGcWpT9a67UOFBakO8MLGjdpXCezAzCVxp3o2xf2nB1KR7rYt%2BNgRcaa8kFviAXg7GrNJ6ZC6nB0g9T38C72W5sSN2164T%2FYAi0NwIsJhl9pKC7I0jyaGSyqotR8pTADfXcvJy69AWGLjHLO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab7737a90e921f-FRA

GET
H3 200 Emeli-Sande-Lets-Say-For-Instance-Album-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/03/ 22 KB
22 KB 32ms
31ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/03/Emeli-Sande-Lets-Say-For-Instance-Album-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c05eb960ea70d43959c992c9a585ad61b812f0fab3bc161d63116f58d08afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22239
last-modified: Tue, 29 Mar 2022 22:00:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2NolpqH5DQGKp7xKxEu1RpygzMmwCMg%2F%2FNkAPTge4YFe4WWBKhMby%2FzXD6I7gHsSKJn6JQahZrmo70K5RKoD7Itom4HTGMCP2d9XELCQrkUVdP5W9Lj0JAxpz1ruz95sitCZDvUuYqLMmJ%2BDiY%2B28rw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab7737a90f921f-FRA

GET
H3 200 Simone-Simaria-Bar-Das-Coleguinhas-2-Ao-Vivo-Album-Lyrics.webp
www.benefitboys.com/wp-content/uploads/2022/04/ 20 KB
21 KB 16ms
15ms Image
image/webp 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/04/Simone-Simaria-Bar-Das-Coleguinhas-2-Ao-Vivo-Album-Lyrics.webp

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7f11049a2e68a730d75a701db90ecf27b543371cf0ccfcc31c30f7ea3683af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 14:20:25 GMT
server: cloudflare
age: 5653
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCdCX7jB1Sry1RS61HxeHCQyFoV4ETAD5yn%2BHRvtpJg9IDG44NSph8I6OdNBBG%2BjthE%2FYStYZymDwZXLd8kdyJl%2F0Iep8IRu0M2298WmO2ky0aEocjVlBneUutsfqBSVftLOmzqop%2FVctkXcYfbgR5gZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
cf-ray: 71ab7737a910921f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Miranda-Lambert-Palomino-Album-Lyrics.jpg
www.benefitboys.com/wp-content/uploads/2022/03/ 15 KB
16 KB 32ms
32ms Image
image/jpeg 2606:4700:3036::6815:1b4d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.benefitboys.com/wp-content/uploads/2022/03/Miranda-Lambert-Palomino-Album-Lyrics.jpg

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1b4d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8976f9938bf782ad11c4830db347327de948d6db559a41b869840d8d0ce82709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5653
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15486
last-modified: Thu, 10 Mar 2022 21:31:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvPWWkpohPfqLMb0DSIiOOJ%2BfNkOBL9ZM483bZJycR%2B%2FolXvJE%2BFLfgfYfMUTFmHszfEeFO4TP8UZ9kEiQHYDrGDmdgeZIiJkat9BY1ubtDNJ904dee%2BLb8HTxwI%2FiXT21psQ0t%2F8r2Kw3Q%2FtaYKgIUN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71ab7737a911921f-FRA

GET
H/1.1 200
OK 320x100
static.a-ads.com/a-ads-banners/393752/ Frame E56A 649 KB
649 KB 51ms
12ms Image
image/gif 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393752/320x100?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1966925?size=320x100
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.139.13.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 98634b2ce3bbd16584bfebdf53281008ff86938edaada84e36523665fa5e9d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 13 Jun 2022 14:20:13 GMT
Last-Modified: Tue, 31 May 2022 13:28:30 GMT
Server: nginx
x-amz-request-id: CPNVWZQZQS71FXDA
ETag: "a2171a1779d21535c74156f78bece906"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Content-Length: 664301
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: sQCjORAkj9WAs824ttNqCfL5nYqmMI1K
x-amz-id-2: SdecHFNxRwyET5AUsYq1dMh7cb1HzliLr3kDvMlLfGBiCNoOshUgZQZX6lo8W8eHflPA4MIYr1s=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame E56A 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 18C8 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 46ms
13ms Script
application/javascript 2600:9000:225f:5e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:5e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:10:35 GMT
content-encoding: gzip
age: 578
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 fdea8c36228dc968e7ca648afb7fdafa.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: xdRcLKDTSxwZAtkdoQ8gJCUpyq8vD1LzjruCXF-ISQIzEcEe7X3vVA==

GET
H2 200 / Show response
spl.zeotap.com/ 429 B
598 B 39ms
39ms XHR
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1e6fd5f911e08b335e5ece56e8df32e1090e4011bd7f08be4632f0711912adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 71ab7738196c9036-FRA
date: Mon, 13 Jun 2022 14:20:13 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.benefitboys.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 00:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 00:01:28 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e7cc859d-96ad-4016-4307-e831fb22be93&reqId=acbf8009-6e47-463e-7a41-fd4ca1266d7f&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e7cc859d-96ad-4016-4307-e831fb22be93&reqId=acbf8009-6e47-463e-7a41-fd4ca1266d7f...
https://mwzeom.zeotap.com/mw?google_gid=CAESEC88Zw4Mywm6UF_fYlUccmo&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e7cc859d-96ad-4016-4307-e831fb22be93&reqId=acbf8009-6e47-463e-7a4...

95 B
164 B

32ms
22ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEC88Zw4Mywm6UF_fYlUccmo&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e7cc859d-96ad-4016-4307-e831fb22be93&reqId=acbf8009-6e47-463e-7a41-fd4ca1266d7f&zdid=1258
Requested by: Host: www.benefitboys.com
URL: https://www.benefitboys.com/
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://www.benefitboys.com
access-control-allow-credentials: true
cf-ray: 71ab7738faf59036-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 13 Jun 2022 14:20:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEC88Zw4Mywm6UF_fYlUccmo&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=e7cc859d-96ad-4016-4307-e831fb22be93&reqId=acbf8009-6e47-463e-7a41-fd4ca1266d7f&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
363 B 70ms
16ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.benefitboys.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
393 B 108ms
35ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 50d63977b919495a11547ac6cd4479c46e394aa2ea739f70e4084f8199806f43

Request headers

Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.benefitboys.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 13 Jul 2022 14:20:13 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 847 B
1 KB 129ms
30ms Script
application/javascript 52.19.184.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12763&ref=&url=https%3A%2F%2Fwww.benefitboys.com%2F&hn_ver=40&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12763/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f7a4492ad887cede85cd3285a43d8574bac75e10c5f69e1f3a3ec06518608f60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 13 Jun 2022 14:20:13 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 847
Expires: Thu, 09 Jun 2022 12:37:10 UTC

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
430 B 75ms
28ms XHR
text/plain 104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fwww.benefitboys.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 14:20:13 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[HE], CN:[EU], CIP:[81.95.5.42], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.benefitboys.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Mon, 13 Jun 2022 14:20:13 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D8ed06e95-ab3a-4cd7-89fe-54caeedeaf28
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D8ed06e95-ab3a-4cd7-89fe-54caeedeaf28
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=648C3D72-0438-4DA9-8972-8AFEFEE337AD&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28

95 B
881 B

31ms
30ms

Image
image/png

52.19.184.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=648C3D72-0438-4DA9-8972-8AFEFEE337AD&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

HTTP/1.1

Server

52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 13 Jun 2022 14:20:14 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 13 Jun 2022 14:20:14 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=648C3D72-0438-4DA9-8972-8AFEFEE337AD&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28
date: Mon, 13 Jun 2022 14:20:14 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28
https://s.cpx.to/ca.png?dsp=dbm&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&google_gid=CAESEF03eDWXhvIzdmIsZY8kXqM&google_cver=1

95 B
804 B

31ms
31ms

Image
image/png

52.19.184.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&google_gid=CAESEF03eDWXhvIzdmIsZY8kXqM&google_cver=1

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

HTTP/1.1

Server

52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 13 Jun 2022 14:20:13 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Mon, 13 Jun 2022 14:20:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&google_gid=CAESEF03eDWXhvIzdmIsZY8kXqM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 33ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Requested by: Host: www.benefitboys.com
URL: https://www.benefitboys.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 14:20:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12763%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.benefitboys.com%252F%26hn_ver%3D40%26fid%3D8ed06e95-...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12763%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.benefitb...
https://s.cpx.to/an_fire?app_nexus_uid=1991317069509072773&pid=12763&ref=&url=https%3A%2F%2Fwww.benefitboys.com%2F&hn_ver=40&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28

95 B
865 B

32ms
31ms

Image
image/png

52.19.184.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=1991317069509072773&pid=12763&ref=&url=https%3A%2F%2Fwww.benefitboys.com%2F&hn_ver=40&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

HTTP/1.1

Server

52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-184-31.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 13 Jun 2022 14:20:13 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 13 Jun 2022 14:20:13 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 14:20:13 GMT
X-Proxy-Origin: 81.95.5.42; 81.95.5.42; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ca36b628-762f-4bb2-8d38-c9b89dbe1e1c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=1991317069509072773&pid=12763&ref=&url=https%3A%2F%2Fwww.benefitboys.com%2F&hn_ver=40&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&gdpr=0&cklb=1

0
316 B

85ms
84ms

Image
text/plain

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&gdpr=0&cklb=1
Requested by: Host: www.benefitboys.com
URL: https://www.benefitboys.com/
Protocol: HTTP/1.1
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 14:20:13 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=8ed06e95-ab3a-4cd7-89fe-54caeedeaf28&gdpr=0&cklb=1
pragma: no-cache
date: Mon, 13 Jun 2022 14:20:13 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200 9.gif
id5-sync.com/i/12/ 43 B
1 KB 35ms
9ms Image
image/gif 141.95.98.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=

Requested by

Host: www.benefitboys.com
URL: https://www.benefitboys.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.68 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216657.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.benefitboys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 14:20:13 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
530 B 159ms
32ms XHR
application/x-javascript 54.217.252.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.252.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-252-143.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.benefitboys.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Jun 2022 14:20:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Jun 2022 14:20:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.benefitboys.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.benefitboys.com/	1970-01-20 21:16:42	Name: _ga Value: GA1.2.2120781048.1655130013
.benefitboys.com/	1970-01-20 03:46:56	Name: _gid Value: GA1.2.1136948156.1655130013
.benefitboys.com/	1970-01-20 03:45:30	Name: _gat_gtag_UA_193357852_1 Value: 1
.zeotap.com/	1970-01-20 12:31:06	Name: zc Value: e7cc859d-96ad-4016-4307-e831fb22be93
.zeotap.com/	1970-01-20 03:46:56	Name: zsc Value: l%5CD%84%14%D6L%B0%A6%A8B%06%07xRC%3F%EA%BFkM%FD%FA9%EA%DE%0BkO%9F%CB%0A%5B%7CP%A52%F6O%3CO%9D%D7%120%D2%CC%1E%1F%1Cv%BDR%1C_%5By%BC%D1%07%EF%82%88%AF%F1%0E_N%FA%AA.W%B3Gbp%0Eb%B2%A0%8A%8C%0D
.doubleclick.net/	1970-01-20 13:07:06	Name: IDE Value: AHWqTUmANVrldY4AcYwn8cEtpLn5Uoe0ULGL6_LgLf8YKPD_LzhiLs_jj400jjjPENo
.cpx.to/	1970-01-20 12:31:06	Name: cpSess Value: 38926396d5af2cee
.cpx.to/	1970-01-20 12:31:06	Name: dsp_dbm Value: CAESEF03eDWXhvIzdmIsZY8kXqM#1655130013683
.adnxs.com/	1970-01-20 05:55:06	Name: uuid2 Value: 1991317069509072773
.smartadserver.com/	1970-01-20 12:31:06	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 12:31:06	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.cpx.to/	1970-01-20 12:31:06	Name: dsp_app_nexus Value: 1991317069509072773#1655130013751
.smartadserver.com/	1970-01-20 12:31:06	Name: pid Value: 7048005809391279145
.pubmatic.com/	1970-01-20 05:55:06	Name: KTPCACOOKIE Value: true
.id5-sync.com/	1970-01-20 03:45:30	Name: cf Value:
.id5-sync.com/	1970-01-20 03:45:30	Name: cip Value:
.id5-sync.com/	1970-01-20 03:45:30	Name: cnac Value:
.id5-sync.com/	1970-01-20 03:45:30	Name: car Value:
.id5-sync.com/	1970-01-20 03:45:30	Name: gdpr Value:
.id5-sync.com/	1970-01-20 03:45:30	Name: callback Value:
.pubmatic.com/	1970-01-20 05:55:06	Name: KADUSERCOOKIE Value: 648C3D72-0438-4DA9-8972-8AFEFEE337AD
.cpx.to/	1970-01-20 12:31:06	Name: dsp_pubmatic Value: 648C3D72-0438-4DA9-8972-8AFEFEE337AD#1655130014293

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.benefitboys.com/(Line 171) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/bda4693600fab9c6e0a7ae021fe612ac/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.benefitboys.com/(Line 171) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.effectivedisplaycontent.com/bda4693600fab9c6e0a7ae021fe612ac/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.effectivedisplaycontent.com/bda4693600fab9c6e0a7ae021fe612ac/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://pl17250047.safestgatetocontent.com/18/4d/2a/184d2a95eb89157a249e86443e4ecde8.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
audit-tcfv2.quantcast.mgr.consensu.org
c.tmyzer.com
ced.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
image2.pubmatic.com
js-sec.indexww.com
match.adsrvr.org
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pl17250047.safestgatetocontent.com
quantcast.mgr.consensu.org
rules.quantcount.com
s.cpx.to
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
static.a-ads.com
stats.g.doubleclick.net
sync.smartadserver.com
tag.leadplace.fr
test.quantcast.mgr.consensu.org
www.benefitboys.com
www.effectivedisplaycontent.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.102.29.65
13.225.84.15
141.95.98.68
142.250.184.226
145.239.192.166
148.251.13.139
15.197.193.217
185.33.220.243
185.86.139.115
192.243.61.225
204.237.133.120
2600:9000:21f3:5200:3:a4cd:8380:93a1
2600:9000:2240:3e00:9:46dc:4700:93a1
2600:9000:225f:5e00:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:3036::6815:1b4d
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9d
2a02:2638::1c
2a02:6ea0:c700::1
3.122.40.161
34.120.133.55
51.89.9.254
52.19.184.31
54.154.72.131
54.217.252.143
54.38.64.100
92.123.194.105
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
13ea084536353359e001a301e5da1d59f5037c6c51bbd4fde9599a3d407cbb0b
15b37098b438133cf02b59e052749cb467b2963b5b1ae31d31c2dbefc8082c53
18a3ce2da8cab0fec04771097c8644f37afa6c14c0247a5f99932847a02b15b0
1a31c3e964c1966b1108fd3f199e4ce2c1a364022d85b20e3154345fb824cdfe
241bb9acfebdc15a25a2e0fc4a2b8bcdd6228ad218c4b920cd4e5d804034410e
244db43d267dc2188bb0f004419207bb009492d8a1a01878e06cd1cf5a19e087
2520fac8f20435b036e9bdb2e1a8f16aa14b534a9ef00d0480669213a0331959
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
28b96f7dd5b99169b94e02f2abdcf2a2b2d5120894ed9dba434624901f0190ae
28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2
37ae7f3e79ba202da75ab1dcd497b2e9b4ec409bb98c17a9c451402013de3078
3b0b56e9ab12dcc22651e012bafc92928f58ae850b0877ab66c37abed53402b5
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
50d63977b919495a11547ac6cd4479c46e394aa2ea739f70e4084f8199806f43
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5fa0ed3b1aa4a5805ad0433d37f40ed03471977d1666545e92de48c452c06005
672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3
6e6136a248d63de057c7c306cb2b488abbfc5c71cd8734eded25dc935784ebb6
7112e36cd3b61202994da9649708f09262a198da137ae821a4424619f0d6d405
7694dd13e2fb81ec4254703d8d32a4e3ea22f0639a3a2a532216014c59716e8a
7b576071ecd677bebe7c995fd13eaee49c1d9b8ee11101199dbf72b73d004a04
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e784e82e99ea5510efb10a53822956464d9cfd9df239b5d7b12217f8a2e718
8976f9938bf782ad11c4830db347327de948d6db559a41b869840d8d0ce82709
8c3b966a2177707c0428a22dcf178b018747bbc411ed0bb7ef68dc2b6b4c2758
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
98634b2ce3bbd16584bfebdf53281008ff86938edaada84e36523665fa5e9d38
994afe06a13f48e1f8149442b40fa9e21b9f2780d1487a55a2678ad52b8ee261
9d807a50a94beccff33c1fa114a84a9077808f30deb2ae8861907229dfd746bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa056979ca1e9fa34e1b1b4c688c44f873a5e6748a13f150465d48b66453bf3c
af00097beba9c20ce8a55fc5565c0a818d52946faaf47026c7ddb6ae11e587ea
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7f11049a2e68a730d75a701db90ecf27b543371cf0ccfcc31c30f7ea3683af0
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cec6e175ef0ba733d6eb37f21e66865694445d4bbdef8471c195917a01d4f6bf
d1e6fd5f911e08b335e5ece56e8df32e1090e4011bd7f08be4632f0711912adf
d4429e8ff81146ce9bba70c14cd471d4b58a4e504505894da2aa7df575b897b2
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df94be95b9b7dfbd3122252f062f9e29ea2a2b54e07e228f0da79f0bfd1da7a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea206b9ccf6b1e8c60b3bdf24f71baa03b1bd02d454bbd539415215531cb8bca
ee2c39149cfcc33dd01ed80f8ae81e78ce8495b86cd6aabf60f4627e10520b31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7a4492ad887cede85cd3285a43d8574bac75e10c5f69e1f3a3ec06518608f60
f7c05eb960ea70d43959c992c9a585ad61b812f0fab3bc161d63116f58d08afe
fc02197f27ff0b964fd4e334851eb9f967caf103d40c94de3783ad936d84ded3

www.benefitboys.com Open in urlscan Pro 2606:4700:3036::6815:1b4d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

93 %HTTPS

49 %IPv6

33 Domains

41 Subdomains

35 IPs

8 Countries

1959 kBTransfer

4586 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.benefitboys.com Open in urlscan Pro
2606:4700:3036::6815:1b4d Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

93 %
HTTPS

49 %
IPv6

33
Domains

41
Subdomains

35
IPs

8
Countries

1959 kB
Transfer

4586 kB
Size

22
Cookies

73 HTTP transactions
2 data transactions