urlscan.io logo urlscan.io
SecurityTrails logo

getseniorbenefits.net Open in urlscan Pro
209.212.148.5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tinyurl.com/2zmhdtdd
Effective URL: https://getseniorbenefits.net/unsubscribe.php
Submission: On February 16 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 3 countries across 32 domains to perform 72 HTTP transactions. The main IP is 209.212.148.5, located in United States and belongs to ASN-GIGENET, US. The main domain is getseniorbenefits.net.
TLS certificate: Issued by R3 on January 2nd 2022. Valid for: 3 months.
This is the only time getseniorbenefits.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 23.251.116.202 21859 (ZEN-ECN)
8 209.212.148.5 32181 (ASN-GIGENET)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.232.192.134 54113 (FASTLY)
2 13.32.99.63 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.66.122.74 16509 (AMAZON-02)
4 54.205.4.151 14618 (AMAZON-AES)
1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
6 142.250.184.226 15169 (GOOGLE)
2 2 3.127.167.251 16509 (AMAZON-02)
1 35.164.52.163 16509 (AMAZON-02)
1 51.195.5.38 16276 (OVH)
2 44.225.168.153 16509 (AMAZON-02)
1 2620:116:800b... 14618 (AMAZON-AES)
1 178.250.0.165 44788 (ASN-CRITE...)
1 185.255.84.151 200271 (IGUANE-)
1 34.107.148.139 15169 (GOOGLE)
1 37.252.173.38 29990 (ASN-APPNEX)
1 216.52.2.19 30282 (AS-INAPCD...)
2 34.98.64.218 15169 (GOOGLE)
1 34.149.20.76 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 52.207.0.73 14618 (AMAZON-AES)
3 2a00:1450:400... ()
1 151.101.129.108 54113 (FASTLY)
1 67.202.105.32 32748 (STEADFAST)
1 37.252.173.22 29990 (ASN-APPNEX)
1 2a00:1450:400... ()
72 40
1    2606:4700:10::6814:8b41 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
1    23.251.116.202 (Seattle, United States)

ASN21859 (ZEN-ECN, US)
freeshippi.com
8    209.212.148.5 (United States)

ASN32181 (ASN-GIGENET, US)
PTR: ip-209.212.148.5.hosted.by.gigenet.com
getseniorbenefits.net
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
benefitsdepot-net.disqus.com
2    13.32.99.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-63.fra60.r.cloudfront.net
api.pushnami.com
4    2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
abcheck.proper.io
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net
cdn.pushnami.com
4    54.205.4.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-4-151.compute-1.amazonaws.com
trc.pushnami.com
1    2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2600:9000:223c:b800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    3.127.167.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-167-251.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.164.52.163 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-52-163.us-west-2.compute.amazonaws.com
usync.proper.io
1    51.195.5.38 (France)

ASN16276 (OVH, FR)
PTR: p16.id5-sync.com
id5-sync.com
2    44.225.168.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-168-153.us-west-2.compute.amazonaws.com
bids.proper.io
1    2620:116:800b:21:d7a4:3372:2f4a:f3b0 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
propermedia-d.openx.net
u.openx.net
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
499751f000755e79842644b73159cbde.safeframe.googlesyndication.com
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
2    52.207.0.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-0-73.compute-1.amazonaws.com
psp.pushnami.com
3    2a00:1450:4001:82a::2001 (None, )

ASN- ()
tpc.googlesyndication.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
1    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    2a00:1450:4001:831::2004 (None, )

ASN- ()
www.google.com
Apex Domain
Subdomains		 Transfer
10 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 4223
cdn.pushnami.com — Cisco Umbrella Rank: 27222
trc.pushnami.com — Cisco Umbrella Rank: 4399
psp.pushnami.com — Cisco Umbrella Rank: 15025
72 KB
8 googlesyndication.com
499751f000755e79842644b73159cbde.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com
38 KB
8 getseniorbenefits.net
getseniorbenefits.net
169 KB
7 proper.io
global.proper.io — Cisco Umbrella Rank: 7964
abcheck.proper.io — Cisco Umbrella Rank: 24352
usync.proper.io — Cisco Umbrella Rank: 4627
bids.proper.io — Cisco Umbrella Rank: 8554
121 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
157 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 547
secure.adnxs.com — Cisco Umbrella Rank: 350
3 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com
2 KB
2 openx.net
propermedia-d.openx.net — Cisco Umbrella Rank: 11235
u.openx.net — Cisco Umbrella Rank: 636
473 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1902
24 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
pixel.quantserve.com — Cisco Umbrella Rank: 374
10 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
12 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
fonts.googleapis.com — Cisco Umbrella Rank: 35
32 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610
40 KB
1 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1078
289 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
38 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
792 B
1 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1312
354 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
718 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1112
923 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3906
552 B
1 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 736
222 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 493
538 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
341 B
1 gstatic.com
fonts.gstatic.com
47 KB
1 disqus.com
benefitsdepot-net.disqus.com
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
62 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 800
12 KB
1 freeshippi.com
freeshippi.com
321 B
1 tinyurl.com
tinyurl.com — Cisco Umbrella Rank: 17283
429 B
0 rlcdn.com Failed
api.rlcdn.com Failed
72 32
Domain Requested by
8 getseniorbenefits.net getseniorbenefits.net
6 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
getseniorbenefits.net
www.googletagservices.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 trc.pushnami.com api.pushnami.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 psp.pushnami.com api.pushnami.com
2 bids.proper.io global.proper.io
2 x.bidswitch.net 2 redirects
2 script.4dex.io global.proper.io
script.4dex.io
2 abcheck.proper.io getseniorbenefits.net
2 cdn.pushnami.com api.pushnami.com
2 global.proper.io getseniorbenefits.net
global.proper.io
2 api.pushnami.com getseniorbenefits.net
api.pushnami.com
2 cdnjs.cloudflare.com getseniorbenefits.net
2 maxcdn.bootstrapcdn.com getseniorbenefits.net
1 www.google.com tpc.googlesyndication.com
1 secure.adnxs.com acdn.adnxs.com
1 de.tynt.com global.proper.io
1 u.openx.net global.proper.io
1 acdn.adnxs.com global.proper.io
1 www.googletagservices.com securepubads.g.doubleclick.net
1 499751f000755e79842644b73159cbde.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 ssc.33across.com global.proper.io
1 propermedia-d.openx.net global.proper.io
1 ap.lijit.com global.proper.io
1 ib.adnxs.com global.proper.io
1 prebid.media.net global.proper.io
1 hb-api.omnitagjs.com global.proper.io
1 bidder.criteo.com global.proper.io
1 pixel.quantserve.com getseniorbenefits.net
1 id5-sync.com global.proper.io
1 usync.proper.io getseniorbenefits.net
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com global.proper.io
1 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 benefitsdepot-net.disqus.com getseniorbenefits.net
1 www.googletagmanager.com getseniorbenefits.net
1 use.fontawesome.com getseniorbenefits.net
1 fonts.googleapis.com getseniorbenefits.net
1 ajax.googleapis.com getseniorbenefits.net
1 freeshippi.com 1 redirects
1 tinyurl.com 1 redirects
0 api.rlcdn.com Failed global.proper.io
72 46

This site contains links to these domains. Also see Links.

Domain
sovrn.com
Subject Issuer Validity Valid
getseniorbenefits.net
R3		 2022-01-02 -
2022-04-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
*.pushnami.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://getseniorbenefits.net/unsubscribe.php
Frame ID: 848023D46B5FF153DAE853033C36C6A8
Requests: 57 HTTP requests in this frame

Frame: https://499751f000755e79842644b73159cbde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 79FC4ACC882B9F87288500926B869B21
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYPyKZtEJ6iRKFoc20BBNiEZ_3T7KwAcQmEJTP8982R6miaGKVW0Te5t3Gijy-2L5geJQFaRYKNBJ8X8McbPsm7RNccrL1mEjJastITq1b_R7GEqhir8It2OwaOWlOXYroDKvD8gsKdhPyLsKaZtgM5xy-Ia3dU5GesFWbp4meqYGEK1u1rZAGlT7iLDZ-lqRLjn4m74uZFbl3VqUBSR1gzJG5m2Q_zbbM1Bv-RNryEq0pZ_dtUJlgm9bxMue5zyfG6H-oi3M2c70gm_rsMYxVZxb3hMfOuh3Krl2M6xZYaLbEe-DVj6HqG11ECNj__iCzMhATf7BIaCnCsg&sai=AMfl-YReVqWdjzyej0CJ8_YEnK0e-rczPveCZuRUo9z5RVV5WigTslcKYbDIoSVidvBnrLrHrIVVeapz35H8pN9tkN6pae3jLQUT28J4Jor0XihX7pIz7IVHxSJJfFPz8ez8&sig=Cg0ArKJSzPjtOlwDNdWJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 26B45FF3DEDB93267D0C6B210937D57E
Requests: 3 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: A1A1550600F592D86EABB93DDACD9920
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 306ABFB60DA05DBBF196FDBD55F41F74
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 72FCBFE3747DFB4BA0B015130B55757A
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=bqN4XOtgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 04A5A78994A7946E34AF5D580F079CA9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A65D997369A8BC01BCFAC3238FA83850
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC1D6E064E2D29FE23023C574E7E40BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GetSeniorBenefits.net

Page URL History Show full URLs

  1. https://tinyurl.com/2zmhdtdd HTTP 301
    http://freeshippi.com/un/0_mt/100/3153/2660/0/0 HTTP 302
    https://getseniorbenefits.net/unsubscribe.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

97 %
HTTPS

48 %
IPv6

32
Domains

46
Subdomains

40
IPs

3
Countries

847 kB
Transfer

2457 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.com/2zmhdtdd HTTP 301
    http://freeshippi.com/un/0_mt/100/3153/2660/0/0 HTTP 302
    https://getseniorbenefits.net/unsubscribe.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D65866db9-5972-4ea9-bc3d-4a2ee32bf35d%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_51016b14_3bd472fc_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D65866db9-5972-4ea9-bc3d-4a2ee32bf35d%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_51016b14_3bd472fc_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=65866db9-5972-4ea9-bc3d-4a2ee32bf35d&uid=95d7b28c-19d3-4a45-9e65-5df6753161dc

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request unsubscribe.php
getseniorbenefits.net/
Redirect Chain
  • https://tinyurl.com/2zmhdtdd
  • http://freeshippi.com/un/0_mt/100/3153/2660/0/0
  • https://getseniorbenefits.net/unsubscribe.php
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://getseniorbenefits.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.5 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.5.hosted.by.gigenet.com
Software
Apache /
Resource Hash
12be7a6326a2b3ebbbc2adcdd809f891d6573c90f0cafabb3eb88126c80ed3b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 16 Feb 2022 22:40:12 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
content-length
2960
content-type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 16 Feb 2022 22:40:11 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Location
https://getseniorbenefits.net/unsubscribe.php
Content-Length
163
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
1953903
cdn-cachedat
2021-06-08 14:34:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5c0d454d419d1e79ca524b9c2a8dddab
cf-ray
6dea46c22e98900a-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Feb 2023 22:14:34 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1953940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDsF6xgO%2Bk%2BcKrkqLjb4xLtmWex5pZmthTwRsnHuYJWlayQgNUEVIoMPNUmdEcHPDQLUtg%2BS7MukL04BrWGLq1P0Evu%2FT0bq7K%2BYDh2am%2B6XxrQBBGMS1beWKNKRKJF%2Bi3%2FOcThpWunHgqqJ4zYROKvS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dea46c23c756949-FRA
expires
Mon, 06 Feb 2023 22:40:13 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
1953892
cdn-cachedat
2021-06-08 14:30:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f90682a6f863fcbada7afc82679a99f6
cf-ray
6dea46c22e99900a-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:200,300,400,500,600,700,800
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a924ffe48a38fc776ca825b858a913f742deffdf0341ca599eb6003a5087bb62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 22:39:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 22:40:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 22:40:13 GMT
styles.css
getseniorbenefits.net/templates/getseniorbenefits.net/css/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getseniorbenefits.net/templates/getseniorbenefits.net/css/styles.css
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.5 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.5.hosted.by.gigenet.com
Software
Apache /
Resource Hash
e3321d66acdf38eb3d7f9ce4915767f1d48fbba5e4e60fad9c1ae192aedda8af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
gzip
last-modified
Fri, 05 Nov 2021 06:49:35 GMT
server
Apache
etag
"7dab-5d0050bdba7a5-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6117
splittest.css
getseniorbenefits.net/templates/getseniorbenefits.net/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getseniorbenefits.net/templates/getseniorbenefits.net/css/splittest.css
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.5 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.5.hosted.by.gigenet.com
Software
Apache /
Resource Hash
7f929891d0a97b16967fd33d0851ff7ca883982bd4370b0da15c11f37c7a70d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
gzip
last-modified
Fri, 05 Nov 2021 06:49:38 GMT
server
Apache
etag
"59dc-5d0050bfeb958-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3518
all.css
use.fontawesome.com/releases/v5.7.0/css/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

Referer
https://getseniorbenefits.net/
Origin
https://getseniorbenefits.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7DF30Q8SYJ0PGQG5
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
xedcJhTLWFjxgU4SmziFQS50iWDuqnuZXbUEI5qZDxyKaUZ7Mk+zQLbLv3c5mR/7Ucb8X4oajHM=
last-modified
Wed, 30 Jun 2021 15:45:15 GMT
server
cloudflare
etag
W/"251d28bd755f5269a4531df8a81d5664"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snqix4ADigLilApaAU2tit8FxW8pg5fNAg29dl8uior%2FB3MXGsrCMhD%2BC%2BMfpmBbnBx3VN4xSeXPfYpoUCzAlwmD0Sl9jMmJxNegyfVAUsC7eAm%2FzS87wwnG4kK9D0YNtxlRgjYO7Pz2kvuJtlH%2F%2B4P9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6dea46c23dd48fca-FRA
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2600843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlmvgq39m4%2FWHtoY3h8HZbtEjDgarHHT9qlZ7NPjv%2B8YFAYORNKbll6UhlK19V24oYHCq8rFksgVX1OfDDOa96eFp3rFIj2ROPU3du9%2FFHmGPa4ISK4T4YyqEf4HDpWqMRRwhGrpuwPfwA%2BRvUPh%2Bif9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dea46c23c746949-FRA
expires
Mon, 06 Feb 2023 22:40:13 GMT
tipped.js
getseniorbenefits.net/templates/getseniorbenefits.net/js/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getseniorbenefits.net/templates/getseniorbenefits.net/js/tipped.js
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.5 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.5.hosted.by.gigenet.com
Software
Apache /
Resource Hash
7b0fc94d83150b73dc566b933bc5c823621e210de6d45621d1101207202d0a15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
gzip
last-modified
Fri, 05 Nov 2021 06:49:36 GMT
server
Apache
etag
"12680-5d0050be1277a-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
19556
tipped.css
getseniorbenefits.net/templates/getseniorbenefits.net/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getseniorbenefits.net/templates/getseniorbenefits.net/css/tipped.css
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.5 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.5.hosted.by.gigenet.com
Software
Apache /
Resource Hash
aa892a3e8ae2d858596e031c41aa9c5368d94d5da554a4dd4cf10ae942df4377

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
gzip
last-modified
Fri, 05 Nov 2021 06:49:38 GMT
server
Apache
etag
"3508-5d0050bff2f52-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2833
js
www.googletagmanager.com/gtag/ 		167 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-92W45KXXG9
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d57dfb757bb2463a8203fb4b79cab322642b6e75cb8d34140256c04186d04f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63121
x-xss-protection
0
expires
Wed, 16 Feb 2022 22:40:13 GMT
site-logo.svg
getseniorbenefits.net/templates/getseniorbenefits.net/images/svg/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getseniorbenefits.net/templates/getseniorbenefits.net/images/svg/site-logo.svg
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.5 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.5.hosted.by.gigenet.com
Software
Apache /
Resource Hash
f403a4df9b8dc9dfe07d8a4551afbacc0e14443f399e50d335644b356d16b997

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
last-modified
Fri, 05 Nov 2021 06:49:40 GMT
server
Apache
accept-ranges
bytes
etag
"1f9e-5d0050c228f26"
content-length
8094
content-type
image/svg+xml
script.js
getseniorbenefits.net/templates/getseniorbenefits.net/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getseniorbenefits.net/templates/getseniorbenefits.net/js/script.js
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.5 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.5.hosted.by.gigenet.com
Software
Apache /
Resource Hash
0771b9ce9ebe65eedab9637c85d0d9878e8fb06a171ba4c32b8260e24ac2b8bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
content-encoding
gzip
last-modified
Fri, 05 Nov 2021 06:49:42 GMT
server
Apache
etag
"b98-5d0050c41a1cb-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1277
count.js
benefitsdepot-net.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://benefitsdepot-net.disqus.com/count.js
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Wed, 16 Feb 2022 22:40:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
142
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 10 Feb 2022 01:15:51 GMT
Server
nginx
ETag
"62046747-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
RRT5aOGYFr6Zc34Q_bF7VQFJGiAFMIWx5NkGhvmwizXV-q9YVTjwzg==
5f5bf03e705e760013ae6eb6
api.pushnami.com/scripts/v1/pushnami-adv/ 		250 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-63.fra60.r.cloudfront.net
Software
/
Resource Hash
94c7fcd7c8b4cfe7aad8bd1c32e6546d8ba73c3d85ebf6485d9fcf3a2a1ec1c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:06 GMT
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
age
7
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
FRA60-P3
content-encoding
gzip
x-amz-cf-id
r0ZScGNRzq5CR_3BQUSYgz3E5clmoR4IiVPq4WYVh00HVSJdrOeCCQ==
getseniorbenefits.min.js
global.proper.io/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/getseniorbenefits.min.js
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b7df866734c580f74a9300a3e2c336380147078d4f808c2c24570c92b9709da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 16 Feb 2022 18:42:44 GMT
server
cloudflare
etag
W/"620d45a4-3de5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6dea46c528929195-FRA
expires
Wed, 16 Feb 2022 22:45:14 GMT
banner_bg1.jpg
getseniorbenefits.net/templates/getseniorbenefits.net/images/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getseniorbenefits.net/templates/getseniorbenefits.net/images/banner_bg1.jpg
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/templates/getseniorbenefits.net/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.5 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.5.hosted.by.gigenet.com
Software
Apache /
Resource Hash
5750a5c2ad619382415993c256f43e230a8b06d031308a10a0a8725dc69b4c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/templates/getseniorbenefits.net/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
last-modified
Fri, 05 Nov 2021 06:49:40 GMT
server
Apache
accept-ranges
bytes
etag
"1ee80-5d0050c1c78a0"
content-length
126592
content-type
image/jpeg
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:200,300,400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://getseniorbenefits.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:48:55 GMT
x-content-type-options
nosniff
age
100278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:15:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 18:48:55 GMT
collect
www.google-analytics.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-92W45KXXG9&gtm=2oe290&_p=1018542337&sr=1600x1200&ul=en-us&cid=250189720.1645051214&_s=1&dl=https%3A%2F%2Fgetseniorbenefits.net%2Funsubscribe.php&dt=GetSeniorBenefits.net&sid=1645051213&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-92W45KXXG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 22:40:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getseniorbenefits.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
opt-in-overlay-type3.css
cdn.pushnami.com/css/opt-in/ 		2 KB
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pushnami.com/css/opt-in/opt-in-overlay-type3.css
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba39eec3b0111155a52f5e86dd93375d39b69650116dbda5b7a382c4fbe800da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 18:27:19 GMT
server
AmazonS3
age
1105
etag
W/"043ad463e12420ff41facffca31f55cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
date
Wed, 16 Feb 2022 22:22:30 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
nnZHnClHspYnZsTf6SJchnhcLTcqLcFfw7y2nHkNQUtmlwFmwjcVGw==
opt-in-overlay-type3.js
cdn.pushnami.com/js/opt-in/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushnami.com/js/opt-in/opt-in-overlay-type3.js
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81766c9c79f418d5e6e2977215c72bb7ecf76bc2cef645f97f7218c7277bf83f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 20 Aug 2020 21:20:50 GMT
server
AmazonS3
age
3480
etag
W/"da76b951734653e63279266775c8df9d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
date
Wed, 16 Feb 2022 21:50:29 GMT
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
-LlUENn38Ao7z1SvXv1M0mKOAtQr7jAJ1lkCiAPjt6QpnsO4MYXzZw==
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-4-151.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://getseniorbenefits.net/
key
5f5bf03e705e760013ae6eb6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 22:40:14 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-4-151.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://getseniorbenefits.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-4-151.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://getseniorbenefits.net/
key
5f5bf03e705e760013ae6eb6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 22:40:14 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.4.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-4-151.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://getseniorbenefits.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 22:40:13 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
latest.js
global.proper.io/payloads/ 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/getseniorbenefits.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0c4f5c3d6acef428e5aa92fada14b3238a6f318b6a6fc9b0c5a4c1397611ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 20:36:58 GMT
server
cloudflare
age
1953894
etag
W/"61e8766a-6f913"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6dea46ca6c539195-FRA
expires
Wed, 16 Feb 2022 22:45:14 GMT
px.gif
abcheck.proper.io/ 		842 B
980 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=1&rn=4.732498479403809
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
SA4H3YYM3F0DK72Z
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6dea46ca7c829195-FRA
content-length
842
x-amz-id-2
oe16F6B1V6rtDjij01zmj4eLX3Kbm4ukGUYokcL1ktDnwAA8I+JA5vF8puUWEsVqrAwcsgFIzxw=
expires
Thu, 17 Feb 2022 02:40:14 GMT
px.gif
abcheck.proper.io/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abcheck.proper.io/px.gif?ch=2&rn=4.732498479403809
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jan 2022 18:51:44 GMT
server
cloudflare
x-amz-request-id
SA4NDKAN2NWH55B0
etag
"04b36c8411ae7bf7a8c369fa94b30e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6dea46ca7c809195-FRA
content-length
842
x-amz-id-2
ktq2iRkqcWSf3sf+a5rWXw4Sb9vcNHuFT8pc6Xl06veJxhps0NbMvw+WA2YzJV7JGF0AWH8pZ70=
expires
Thu, 17 Feb 2022 02:40:14 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 23 Feb 2022 22:40:14 GMT
localstore.js
script.4dex.io/ 		483 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263512
x-amz-request-id
tx8a9eacc7b532418f8d353-00620977f5
x-amz-id-2
tx8a9eacc7b532418f8d353-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Necn6AHD2s8XS64WBCluAQsQqeGmVwEJTR5Agn4ofIXEQsQGBv0OGyIX8YeC00VkP4a27k8fRFnErdb3NGSQatYdNWfKuuLZNr1EmPk4f4tp7GkLRTp8pfpajnhm122Bw7af9lntYmvPug6G"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1644787655409471
cf-ray
6dea46cb5a6591f0-FRA
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44765
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx7cb77c5d33534ffb9a636-00620981f0
x-amz-id-2
tx7cb77c5d33534ffb9a636-00620981f0
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UOYbTjBESmgFfoexGf0FsPjcX3G6ZTgABpk8c1tObqC98H4%2FD64nqNfvUZ4Sxy1IixWl1jzb3Cew3FcVlF16XbUQiYzg7UVbl7IVaGTqs6%2Bc6LHQ60i8cMGgXYsCf%2FVv0yi7I30VoIBTz4o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6dea46cbbdd29140-FRA
access-control-allow-headers
Authorization
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:08:21 GMT
content-encoding
gzip
age
1914
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
1pRJVd3BMqsbcZJrHYyp-xgYczBx0Rzth461YW4Kcytlm6KKEygUAA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
6b4f8e0237a7bb7453744e9bab1eebfe7f70c88c6243735aff0adf3e275419ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27380
x-xss-protection
0
server
sffe
etag
"1134 / 407 of 1000 / last-modified: 1645013142"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 16 Feb 2022 22:40:14 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D65866db9-5972-4ea9-bc3d-4a2ee32bf35d%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D65866db9-5972-4ea9-bc3d-4a2ee32bf35d%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=65866db9-5972-4ea9-bc3d-4a2ee32bf35d&uid=95d7b28c-19d3-4a45-9e65-5df6753161dc
183 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=65866db9-5972-4ea9-bc3d-4a2ee32bf35d&uid=95d7b28c-19d3-4a45-9e65-5df6753161dc
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Server
35.164.52.163 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-52-163.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a0f82bac5c8e6ca46126ba93adef49930b142a0dbd9659f1a528807f08230804

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 16 Feb 2022 22:40:15 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=65866db9-5972-4ea9-bc3d-4a2ee32bf35d&uid=95d7b28c-19d3-4a45-9e65-5df6753161dc
Date
Wed, 16 Feb 2022 22:40:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
445.json
id5-sync.com/g/v2/ 		212 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.38 , France, ASN16276 (OVH, FR),
Reverse DNS
p16.id5-sync.com
Software
/
Resource Hash
42e0516014e5840f5ad935ae1fe0d6c0dd41c7dc58db2c477e6be8a82aa64d24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://getseniorbenefits.net
Date
Wed, 16 Feb 2022 22:40:14 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.168.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-168-153.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 16 Feb 2022 22:40:15 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
pixel;r=1629807913;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fgetseniorbenefits.net%2Funsubscribe.php;uht=2;fpan=1;fpa=P0-2016855138-1645051214729;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1629807913;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fgetseniorbenefits.net%2Funsubscribe.php;uht=2;fpan=1;fpa=P0-2016855138-1645051214729;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=getseniorbenefits.net;je=0;sr=1600x1200x24;dst=0;et=1645051214729;tzo=0;ogl=
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:d7a4:3372:2f4a:f3b0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 22:40:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cdb
bidder.criteo.com/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.5.0&cb=72660666295&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://getseniorbenefits.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		199 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
fc19ddfcc6a2da257aea115c378263f6fb6289250b38cf6c2cf0a19bcc6e6c80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 22:40:14 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getseniorbenefits.net
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
75
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
199
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5399b52b60d52b0f62889b914eebc8bb16014ecea2bbaa9621d79af3b10d2adf

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://getseniorbenefits.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		141 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
df65cbc1ecbb17e304b97df521c3be058ef508d1e6b116b40345066a4e32b966
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 22:40:14 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1dda9e82-97e4-4939-a5ef-547ce63c6808
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://getseniorbenefits.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
141
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		45 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.5.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c843f95b56ee8710994e09e6a78938e7fc5285baf0d6c7735140700209f0518c

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 16 Feb 2022 22:40:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://getseniorbenefits.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
65
arj
propermedia-d.openx.net/w/1.0/ 		73 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgetseniorbenefits.net%2Funsubscribe.php&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90&auid=556398053&aumfs=100&dddid=e090ffad-a3b1-4e82-995b-ff86c2324dd3&divIds=openx-6819ba22-4eef-4813-920b-ab1ae8535583&be=1&bc=hb_pb_3.0.1&nocache=1645051214770&schain=1.0%2C1!proper.io%2C31f5d1f5-4267-11ec-91ed-06ef03bc0096%2C1&_pubcid=65866db9-5972-4ea9-bc3d-4a2ee32bf35d
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
149a0c1ea1941e74c4de2c9fc4d391ce42f426517b56978caab33d2c7007b7dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://getseniorbenefits.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
ssc.33across.com/api/v1/ 		87 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
aab7027ca028c483343c25896378fbaf70d42d72c444e65cc248e4375ccdc0f1

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getseniorbenefits.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
pubads_impl_2022021501.js
securepubads.g.doubleclick.net/gpt/ 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
a442b080c731f6b7d20e4935475c6de21cd18a8826fc4348a1ae306a502e66a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 19:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123417
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 09:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Feb 2023 19:03:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		82 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=getseniorbenefits.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d1a7bd2626db868d8819e4945af992d7d56b1e04c2eb36e6085bd11d736bedab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 22:40:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76
x-xss-protection
0
expires
Wed, 16 Feb 2022 22:40:14 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=getseniorbenefits.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 22:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=getseniorbenefits.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 22:40:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2887999193609097&correlator=4039613010244421&eid=31061815%2C31064925%2C31060888&output=ldjh&gdfp_req=1&vrg=2022021501&ptt=17&impl=fifs&tfcd=0&sc=1&sfv=1-0-38&ecs=20220216&iu_parts=5376056%3A22536698973%2Cgetseniorbenefits_sticky_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C728x90&ppid=65866db9-5972-4ea9-bc3d-4a2ee32bf35d&prev_scp=proper_slot%3D4%26proper_sticky%3Dtrue%26proper_floor_728x90%3D1.00%26proper_floor_sticky_horizontal%3D1.00%26proper_floor%3D0.10%26refresh_count%3D0&eri=1&cust_params=post_id%3Dunknown%26member%3Dno%26split_version%3D11255%26proper_site%3Dgetseniorbenefits%26proper_page%3D1%26s_depth%3D1%26tags%3D%257C%257C%257C%257C%257C%257C%257C%257C80_desktop%252C%257C%257C%257C%257C%257C%257C%257C%257C80&cookie_enabled=1&bc=31&abxe=1&dt=1645051215089&lmt=1645051215&dlt=1645051213087&idt=1779&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1052940106&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgetseniorbenefits.net%2Funsubscribe.php&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=250189720.1645051214&ga_sid=1645051215&ga_hid=1018542337&ga_fc=true&fws=640&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b7e30f6a84b871cea318465e479119832d640d43c4cc198cb2dc5b578a5e3833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8703
x-xss-protection
0
google-lineitem-id
5836876057
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138371629548
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://getseniorbenefits.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
499751f000755e79842644b73159cbde.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 79FC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://499751f000755e79842644b73159cbde.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 16 Feb 2022 22:40:15 GMT
expires
Thu, 16 Feb 2023 22:40:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 26B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYPyKZtEJ6iRKFoc20BBNiEZ_3T7KwAcQmEJTP8982R6miaGKVW0Te5t3Gijy-2L5geJQFaRYKNBJ8X8McbPsm7RNccrL1mEjJastITq1b_R7GEqhir8It2OwaOWlOXYroDKvD8gsKdhPyLsKaZtgM5xy-Ia3dU5GesFWbp4meqYGEK1u1rZAGlT7iLDZ-lqRLjn4m74uZFbl3VqUBSR1gzJG5m2Q_zbbM1Bv-RNryEq0pZ_dtUJlgm9bxMue5zyfG6H-oi3M2c70gm_rsMYxVZxb3hMfOuh3Krl2M6xZYaLbEe-DVj6HqG11ECNj__iCzMhATf7BIaCnCsg&sai=AMfl-YReVqWdjzyej0CJ8_YEnK0e-rczPveCZuRUo9z5RVV5WigTslcKYbDIoSVidvBnrLrHrIVVeapz35H8pN9tkN6pae3jLQUT28J4Jor0XihX7pIz7IVHxSJJfFPz8ez8&sig=Cg0ArKJSzPjtOlwDNdWJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: getseniorbenefits.net
URL: https://getseniorbenefits.net/unsubscribe.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 22:40:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 16 Feb 2022 22:40:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 26B4 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 22:40:16 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.168.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-168-153.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getseniorbenefits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 16 Feb 2022 22:40:15 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
view
securepubads.g.doubleclick.net/pcs/ Frame 26B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-gKvJePOzN9AaVNGKAR6HtoiGhbvtkP8TI9bGM_tTvJIZ5R1vLC5-fu6rzeClZ8xeRtX_htzLUrNeax28ChXIrOjPqgAz7dc0_6t-7Vo2tFaf2SZ5F6yTR8U2rqP4LyS7J6E7cOvg2vSxKGO3bqRPuvj4XNVX_Pk2nF_JCSWR1HCtiJlgbdOqsSclHeRF1mwb13sb3JCeuN8Mba3C4W8Q9s7b1qqQP4uD1grYzu-6lG-GTbH0MBv_yzCoTpGl02qljkDA1jycW5TYbLLcT6a0VrTl1Selp1DbJ2YGn_ftJwWQqt5sQ-TZL-XuYSdT-yUKKA4MkBfoxbRuHjI8&sai=AMfl-YRa02cHZloXGUY7MpTrTNTwewf77PRkh6zHwiWCmgw-iYKSM5FIs8LImt5pihgIhBMIo-dEeJl2yJdLohDpe9MDoHI9x7W6Mvx8fI4ETEHSz84tO5GPtd_CRq2KvRAo&sig=Cg0ArKJSzIpIT7Rugl6sEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 22:40:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 16 Feb 2022 22:40:16 GMT
hub
api.pushnami.com/scripts/v1/ Frame A1A1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-63.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/

Response headers

content-type
text/html; charset=utf-8
date
Wed, 16 Feb 2022 22:15:47 GMT
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
X-Requested-With
content-security-policy
default-src 'unsafe-inline' *
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
cache-control
no-cache
content-encoding
gzip
vary
accept-encoding
x-cache
Hit from cloudfront
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
85G3NtJHJF4MBY6rj5QFotRS-qbBtlzyRpWsoXWOIX4OCbFBlmuEBA==
age
1469
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37945865e1380a462fc3a04954f29f25022f20bc5954ce31313e27a020571d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c72659bec2957fe7d11d64fd336a9a0afdcc65e7e7d6c2fab8bd0cf0f8176fd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b15c1e09a867200d82b2da93148a6584e23167b0eecb6841fa1e4f0ffcf4a36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Feb 2022 22:40:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9604
x-xss-protection
0
psp
psp.pushnami.com/api/ 		2 B
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.0.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-0-73.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://getseniorbenefits.net/
key
5f5bf03e705e760013ae6eb6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://getseniorbenefits.net
date
Wed, 16 Feb 2022 22:40:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.0.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-0-73.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://getseniorbenefits.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 16 Feb 2022 22:40:16 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getseniorbenefits.net
access-control-allow-credentials
true
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
access-control-allow-headers
key
access-control-allow-methods
POST
cache-control
no-cache
vary
accept-encoding
content-encoding
gzip
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021501.js?31064925
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Feb 2022 22:40:19 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 306A 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 16 Feb 2022 22:40:18 GMT
Age
24772552
X-Served-By
cache-lga21980-LGA, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
194520, 183881
X-Timer
S1645051218.438266,VS0,VE0
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 72FC 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Wed, 16 Feb 2022 22:40:18 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2
de.tynt.com/deb/ Frame 04A5 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=bqN4XOtgmr7kDFrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/

Response headers

cache-control
max-age=86400
expires
Thu, 17 Feb 2022 22:40:18 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Wed, 16 Feb 2022 22:40:17 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
async_usersync
secure.adnxs.com/ Frame 306A 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Feb 2022 22:40:18 GMT
X-Proxy-Origin
217.114.215.131; 217.114.215.131; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c87dd2ce-0add-47ed-9314-4cfdd1220ff4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A65D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Feb 2022 22:38:45 GMT
expires
Thu, 16 Feb 2023 22:38:45 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
94
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DC1D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
cf55520b443518380ae33c52a5f2259474c8688c60f6fc1977d419afb0d85cb8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QBTgeNxcbTReCPNbFQo2xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 16 Feb 2022 22:40:19 GMT
date
Wed, 16 Feb 2022 22:40:19 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QBTgeNxcbTReCPNbFQo2xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
pagead2.googlesyndication.com/bg/ Frame A65D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/amNa6lhdd-Oid2bHU1unpRJ57vx5QG5_ysqcoHUTmoo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 01:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
161444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13572
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 01:49:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DC1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021501&jk=2887999193609097&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A65D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UvNaUg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 22:40:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021501&jk=2887999193609097&bg=!_f6l_rrNAAbf-5Dq3_s7ACkAdvg8Wi5nTI-SfMgaDTiBDJuEDB5JjnfHWHpJLZNOLi_y2CN5VfETtAIAAABNUgAAAAJoAQcKANwSQRJjFNkelKh0xmzuTYb5NW0Ss2ej3_gImPSiZedxrqzLu3KRSByKarmcYdudPr90b6ttLTBd_NZZHC5Fo0m32fZAKDe0jSTMYXGRTIdagTAYlsTzDnrpjlVqp02k2xiqMHoDDNsl7tH2a3_fsTrPWIh5uIN0DLkv4nQF2k9Tdnjjg_71Rzd9F2_Z40OyZh2353jkH8d_ybI9h6mxB_Fg0FL61Hilf5tTZhrEQlyhUbt4YLPvsvGg507SbWdOHCpO-4ICavPftPJ26PyYBhCg5zoV4PhOPfe3-2WHmQK5w3F2bLLvYubo2hiVz10a_iBcgVujdGd6I-MkM3fl4hGcE6LI5mwS6I3dTUUMmx_DmisGPv8wDkaAVWQWkgIzZXBUaM7RLFWDEgDPVytuckvBoCyzFnNO9RUtkEka7Ne6_hcigggwpX7ZE88NJXKG8QFmJzauX4-i-SEonlNUxl0KN2eMUIoGv0ep7R1_eNVNlfMgyLXktVe-HIZ_0b6bbN9sYIE5nrhNp5RKEpp4o-A_-U-NUNH1EcUihZ8jyIenzf97wnC-EVDaX10cdxN5zUKtmNjisPZVAFsDcL4eGBNpQke-bGNYpp7P8SC8OSs8VW0FxDaexBHLsy-qSSc1KHxGjkG1DieNxTP46jiENi9vJAvjk9p6rdmBMDCvOYmXhfmQIJt1wvfHMc29fVcRK72wFPil0yqLWbK9BY2e6eakQakCGWo6Vd9sgZzOLW755D_YLGJpUrpQZ9g2jDpCRFJgjhWT7qGG_l7CwbFJ5DCSdwhgQMvdYwWL7nbrioFzCBuW5n2Nxbacu2KTMB5cmF3SkaT6T5h7xYjZOgl3JVX-5BnxbatClWH4MgVbxCymXFuh3hxAvR7glpjoHflkRKZ4mGeBg1OHdpZImmq_SF6TNSLqBFNttslHV73O-j7TkC8UALLLmv1UEZ9TjURyEKZOCE4MWovH7fi3QTg6gJshy6FNqi1krsTW7uSZpdwdp_-32CF3xuOy14SsNDOJST3HUrzbJnSgHVyiFFFZOTcpiXyBy0u-1rTXD6D0WMovpKMN3b-dXuOpsk6dvcRCev11RkHSvI5WiMZ2b7mGvFjkFQrWsvPRe3oQ8-9UhY3pFYDJ8zzkKjftUVHXyzirT9n7g5eu9yF_TBflEogfxFhUrsbCE1-ZQdVo8M-n6XkmUa2cf9JoerHINOuSvucIkFZBdyk-XuOJPg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getseniorbenefits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 22:40:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=72

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone function| $ function| jQuery function| Popper object| bootstrap object| Tipped function| getUrlVars function| openOffer function| gtag object| dataLayer object| properSpecialOps object| propertag object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript undefined| o object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| bowser object| mailnami object| Pushnami boolean| payload_loaded object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| googletag object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device object| ADAGIO string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| proper_ad_page_uuid function| proper_51016b14_3bd472fc_1 number| proper_rps string| proper_ad_session_uuid object| sas object| apntag object| _ADAGIO string| x object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| response object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| CrossStorageClient object| pushnamiStorage function| uuid object| GoogleGcLKhOms object| ebData

19 Cookies

Domain/Path Name / Value
getseniorbenefits.net/ Name: PHPSESSID
Value: 60ae0e0ae9c320317dcb9669d7742848
.getseniorbenefits.net/ Name: _ga
Value: GA1.1.250189720.1645051214
.proper.io/ Name: __cf_bm
Value: wVtVpTH.mPAyaznruAvJ_CvZTaACiVdr6VMBxzDl2Zg-1645051214-0-Ac5VkI5E0Xwv0mxbUXUojH1sTFwX0t1/9m970r+LSp6yWGondebbDq6fMwOcoFG2fovPjvDuR/ber3TV9Bg9KWBggmFlaBP8Lxat4XbhU9IL
getseniorbenefits.net/ Name: sharedid
Value: 65866db9-5972-4ea9-bc3d-4a2ee32bf35d
getseniorbenefits.net/ Name: sharedid_last
Value: Wed%2C%2016%20Feb%202022%2022%3A40%3A14%20GMT
getseniorbenefits.net/ Name: _lr_retry_request
Value: true
getseniorbenefits.net/ Name: _lr_env_src_ats
Value: false
.bidswitch.net/ Name: tuuid
Value: 95d7b28c-19d3-4a45-9e65-5df6753161dc
.bidswitch.net/ Name: c
Value: 1645051214
.bidswitch.net/ Name: tuuid_lu
Value: 1645051214
.adnxs.com/ Name: icu
Value: ChgImtt8EAoYASABKAEwzvq1kAY4AUABSAEQzvq1kAYYAA..
.adnxs.com/ Name: uuid2
Value: 8499377298521382255
.getseniorbenefits.net/ Name: properSessionData
Value: eyJ1dWlkIjoiZjMzMmE1NDgtM2Y2MS00YTNhLWJjMDQtNDlmMmIwNmYzMmUwIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJvcGVueCI6MSwic292cm4iOjEsImNyaXRlbyI6MSwiYXBwbmV4dXMiOjEsIm1lZGlhbmV0IjoxLCJhZHlvdWxpa2UiOjEsInNoYXJldGhyb3VnaCI6MSwidGhpcnR5dGhyZWVhY3Jvc3MiOjF9LCJsYXN0X3RocmVzaG9sZCI6MH0=
.quantserve.com/ Name: mc
Value: 620d7d4f-08a54-700f6-b9121
.getseniorbenefits.net/ Name: __qca
Value: P0-2016855138-1645051214729
.getseniorbenefits.net/ Name: __gads
Value: ID=983df362e586ae07-221f853e45cd00c6:T=1645051215:S=ALNI_MYKxbGeHo9CBhHbwQQd3rPn1egZFA
.proper.io/ Name: mediagrid
Value: 95d7b28c-19d3-4a45-9e65-5df6753161dc
.doubleclick.net/ Name: IDE
Value: AHWqTUm6saFRXWIHKbRr0wJrptgv_maUSmcN0OHN4932oDphGklWk8noUQcooSDxFAg
.getseniorbenefits.net/ Name: _ga_92W45KXXG9
Value: GS1.1.1645051213.1.0.1645051216.0

3 Console Messages

Source Level URL
Text
network error
Message:
The script has an unsupported MIME type ('text/html').
javascript error URL: https://getseniorbenefits.net/unsubscribe.php
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=72' from origin 'https://getseniorbenefits.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

499751f000755e79842644b73159cbde.safeframe.googlesyndication.com
abcheck.proper.io
acdn.adnxs.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
api.pushnami.com
api.rlcdn.com
benefitsdepot-net.disqus.com
bidder.criteo.com
bids.proper.io
cdn.pushnami.com
cdnjs.cloudflare.com
de.tynt.com
fonts.googleapis.com
fonts.gstatic.com
freeshippi.com
getseniorbenefits.net
global.proper.io
hb-api.omnitagjs.com
ib.adnxs.com
id5-sync.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.media.net
propermedia-d.openx.net
psp.pushnami.com
rules.quantcount.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
tinyurl.com
tpc.googlesyndication.com
trc.pushnami.com
u.openx.net
use.fontawesome.com
usync.proper.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
13.32.99.63
142.250.184.226
151.101.129.108
178.250.0.165
18.66.122.74
185.255.84.151
199.232.192.134
209.212.148.5
216.52.2.19
23.251.116.202
2600:9000:223c:b800:6:44e3:f8c0:93a1
2606:4700:10::6814:8b41
2606:4700:20::681a:9a9
2606:4700::6810:135e
2606:4700::6811:4e22
2606:4700::6812:bcf
2620:116:800b:21:d7a4:3372:2f4a:f3b0
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a06:98c1:3121::7
3.127.167.251
34.107.148.139
34.149.20.76
34.98.64.218
35.164.52.163
37.252.173.22
37.252.173.38
44.225.168.153
51.195.5.38
52.207.0.73
54.205.4.151
67.202.105.32
0771b9ce9ebe65eedab9637c85d0d9878e8fb06a171ba4c32b8260e24ac2b8bd
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
12be7a6326a2b3ebbbc2adcdd809f891d6573c90f0cafabb3eb88126c80ed3b0
149a0c1ea1941e74c4de2c9fc4d391ce42f426517b56978caab33d2c7007b7dd
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2b15c1e09a867200d82b2da93148a6584e23167b0eecb6841fa1e4f0ffcf4a36
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
37945865e1380a462fc3a04954f29f25022f20bc5954ce31313e27a020571d72
42e0516014e5840f5ad935ae1fe0d6c0dd41c7dc58db2c477e6be8a82aa64d24
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
5399b52b60d52b0f62889b914eebc8bb16014ecea2bbaa9621d79af3b10d2adf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5750a5c2ad619382415993c256f43e230a8b06d031308a10a0a8725dc69b4c9f
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6a635aea585d77e3a27766c7535ba7a51279eefc79406e7fcaca9ca075139a8a
6b4f8e0237a7bb7453744e9bab1eebfe7f70c88c6243735aff0adf3e275419ac
7b0fc94d83150b73dc566b933bc5c823621e210de6d45621d1101207202d0a15
7f929891d0a97b16967fd33d0851ff7ca883982bd4370b0da15c11f37c7a70d2
81766c9c79f418d5e6e2977215c72bb7ecf76bc2cef645f97f7218c7277bf83f
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
94c7fcd7c8b4cfe7aad8bd1c32e6546d8ba73c3d85ebf6485d9fcf3a2a1ec1c3
9b7df866734c580f74a9300a3e2c336380147078d4f808c2c24570c92b9709da
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f82bac5c8e6ca46126ba93adef49930b142a0dbd9659f1a528807f08230804
a442b080c731f6b7d20e4935475c6de21cd18a8826fc4348a1ae306a502e66a1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a924ffe48a38fc776ca825b858a913f742deffdf0341ca599eb6003a5087bb62
aa892a3e8ae2d858596e031c41aa9c5368d94d5da554a4dd4cf10ae942df4377
aab7027ca028c483343c25896378fbaf70d42d72c444e65cc248e4375ccdc0f1
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b7e30f6a84b871cea318465e479119832d640d43c4cc198cb2dc5b578a5e3833
ba39eec3b0111155a52f5e86dd93375d39b69650116dbda5b7a382c4fbe800da
c72659bec2957fe7d11d64fd336a9a0afdcc65e7e7d6c2fab8bd0cf0f8176fd8
c843f95b56ee8710994e09e6a78938e7fc5285baf0d6c7735140700209f0518c
cc0c4f5c3d6acef428e5aa92fada14b3238a6f318b6a6fc9b0c5a4c1397611ae
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865
cf55520b443518380ae33c52a5f2259474c8688c60f6fc1977d419afb0d85cb8
d1a7bd2626db868d8819e4945af992d7d56b1e04c2eb36e6085bd11d736bedab
d57dfb757bb2463a8203fb4b79cab322642b6e75cb8d34140256c04186d04f35
df65cbc1ecbb17e304b97df521c3be058ef508d1e6b116b40345066a4e32b966
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e3321d66acdf38eb3d7f9ce4915767f1d48fbba5e4e60fad9c1ae192aedda8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
f403a4df9b8dc9dfe07d8a4551afbacc0e14443f399e50d335644b356d16b997
fc19ddfcc6a2da257aea115c378263f6fb6289250b38cf6c2cf0a19bcc6e6c80